From owner-freebsd-net Sun Jan 14 4: 4:44 2001 Delivered-To: freebsd-net@freebsd.org Received: from mail.andy.de (fw.andy.de [212.8.198.74]) by hub.freebsd.org (Postfix) with ESMTP id 6D86837B400 for ; Sun, 14 Jan 2001 04:04:11 -0800 (PST) Received: from windoze.andy.de (windoze.andy.de [212.8.199.4]) by mail.andy.de (Postfix) with ESMTP id DCDEC7CEC1 for ; Sun, 14 Jan 2001 13:04:04 +0100 (CET) Date: Sun, 14 Jan 2001 13:05:05 +0100 From: Andreas Gerstenberg To: freebsd-net@freebsd.org Subject: Problem w/ traffic shaper? (dummynet) Message-ID: <224962209.979477505@windoze.andy.de> X-Mailer: Mulberry/2.0.5 (Win32) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hello, I've set up a very simple traffic-shaper: ipfw add pipe 1 ip from any to any via fxp2 in ipfw add pipe 2 ip from any to any via fxp2 out ipfw pipe 1 config bw 1MBit/s delay 10ms ipfw pipe 2 config bw 1MBit/s delay 10ms 'ipfw show' looks corrrect: 00100 9446889 4072588337 pipe 1 ip from any to any in recv fxp2 00200 11309245 4817693655 pipe 2 ip from any to any out xmit fxp2 the 'ipfw show queue' says the following: 00001: 8.000 Mbit/s 10 ms 50 sl. 1 queues (1 buckets) droptail mask: 0x00 0x00000000/0x0000 -> 0x00000000/0x0000 [...] 00002: 8.000 Mbit/s 10 ms 50 sl. 1 queues (1 buckets) droptail mask: 0x00 0x00000000/0x0000 -> 0x00000000/0x0000 [...] Why does it tell me a value of 8 Mbit/s? (4.2-STABLE, cvsup from 12.12.2000) regards, Andy To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Sun Jan 14 4: 9:55 2001 Delivered-To: freebsd-net@freebsd.org Received: from atro.pine.nl (atro.pine.nl [213.156.0.2]) by hub.freebsd.org (Postfix) with ESMTP id 5FE3C37B698 for ; Sun, 14 Jan 2001 04:09:35 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by atro.pine.nl (8.11.1/8.11.1) with ESMTP id f0EC9KI09630; Sun, 14 Jan 2001 13:09:20 +0100 (MET) Date: Sun, 14 Jan 2001 13:09:20 +0100 (MET) From: Mark Lastdrager To: Andreas Gerstenberg Cc: Subject: Re: Problem w/ traffic shaper? (dummynet) In-Reply-To: <224962209.979477505@windoze.andy.de> Message-ID: X-NCC-RegID: nl.pine MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org At Sun, 14 Jan 2001, owner-freebsd-net@FreeBSD.ORG wrote: >Hello, > >I've set up a very simple traffic-shaper: > >ipfw add pipe 1 ip from any to any via fxp2 in >ipfw add pipe 2 ip from any to any via fxp2 out >ipfw pipe 1 config bw 1MBit/s delay 10ms >ipfw pipe 2 config bw 1MBit/s delay 10ms > Try Mbit/s (MB/s is Megabytes!) >Why does it tell me a value of 8 Mbit/s? Because 1 MB/s is ca. 8 Mb/s ;-) Mark Lastdrager -- Pine Internet BV :: tel. +31-70-3111010 :: fax. +31-70-3111011 PGP 92BB81D1 fingerprint 0059 7D7B C02B 38D2 A853 2785 8C87 3AF1 Today's excuse: We've run out of licenses To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Sun Jan 14 5: 6:37 2001 Delivered-To: freebsd-net@freebsd.org Received: from mail.andy.de (fw.andy.de [212.8.198.74]) by hub.freebsd.org (Postfix) with ESMTP id 7E42037B402 for ; Sun, 14 Jan 2001 05:06:20 -0800 (PST) Received: from windoze.andy.de (windoze.andy.de [212.8.199.4]) by mail.andy.de (Postfix) with ESMTP id 2E5CE7CEC1; Sun, 14 Jan 2001 14:06:19 +0100 (CET) Date: Sun, 14 Jan 2001 14:07:19 +0100 From: Andreas Gerstenberg To: Mark Lastdrager Cc: freebsd-net@FreeBSD.ORG Subject: Re: Problem w/ traffic shaper? (dummynet) (solved) Message-ID: <228696509.979481239@windoze.andy.de> In-Reply-To: X-Mailer: Mulberry/2.0.5 (Win32) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org -- Mark Lastdrager wrote: >> ipfw pipe 1 config bw 1MBit/s delay 10ms >> ipfw pipe 2 config bw 1MBit/s delay 10ms > Try Mbit/s (MB/s is Megabytes!) Ah, I see..so it's the second character which is interpreted case significant and not the rest (bit/s)...nice trap :-) >> Why does it tell me a value of 8 Mbit/s? > > Because 1 MB/s is ca. 8 Mb/s ;-) Sure.. Now, it shows not the right value. Thanx, Andy To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Sun Jan 14 15:21:17 2001 Delivered-To: freebsd-net@freebsd.org Received: from mail.interware.hu (mail.interware.hu [195.70.32.130]) by hub.freebsd.org (Postfix) with ESMTP id 8D45037B400; Sun, 14 Jan 2001 15:20:56 -0800 (PST) Received: from monrovia-31.budapest.interware.hu ([195.70.53.223] helo=elischer.org) by mail.interware.hu with esmtp (Exim 3.16 #1 (Debian)) id 14HwSD-0001dS-00; Mon, 15 Jan 2001 00:20:53 +0100 Message-ID: <3A6233E7.E47F2E04@elischer.org> Date: Sun, 14 Jan 2001 15:19:03 -0800 From: Julian Elischer X-Mailer: Mozilla 4.7 [en] (X11; U; FreeBSD 5.0-CURRENT i386) X-Accept-Language: en, hu MIME-Version: 1.0 To: Dag-Erling Smorgrav Cc: Jun Kuriyama , net@FreeBSD.ORG, current@FreeBSD.ORG Subject: Re: HEADSUP! New netgraph code coming References: <3A5567A7.A11F47E3@elischer.org> <3A566BCB.BFD6FA2D@elischer.org> <7m1yu9mdlt.wl@waterblue.imgsrc.co.jp> <3A5F1788.9AD8509A@elischer.org> Content-Type: text/plain; charset=iso-8859-15 Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Dag-Erling Smorgrav wrote: > > Julian Elischer writes: > > Jun Kuriyama wrote: > > > # kldload ng_bridge > > > kldload: can't load ng_bridge: Exec format error > > > And /var/log/messages says: > > > > > > Jan 12 16:27:07 waterblue /boot/kernel/kernel: KLD ng_bridge.ko: depends on ng_ether - not available > > > > something is terribly broken with the kld loading at the moment. > > Something is terribly broken with ng_ether at the moment. It lacks a > MODULE_VERSION line. hmmmm is this required for something to be a depency? Where is it documented? > > DES > -- > Dag-Erling Smorgrav - des@ofug.org > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-current" in the body of the message -- __--_|\ Julian Elischer / \ julian@elischer.org ( OZ ) World tour 2000 ---> X_.---._/ from Perth, presently in: Budapest v To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Sun Jan 14 15:22:59 2001 Delivered-To: freebsd-net@freebsd.org Received: from cube.gelatinous.com (unknown [207.82.194.150]) by hub.freebsd.org (Postfix) with SMTP id 5FD6337B6A2 for ; Sun, 14 Jan 2001 15:22:37 -0800 (PST) Received: (qmail 50344 invoked by uid 1005); 14 Jan 2001 23:22:37 -0000 Date: Sun, 14 Jan 2001 15:22:37 -0800 From: Dan Holliman To: net@freebsd.org Subject: more weird mpd problems Message-ID: <20010114152237.A50188@gelatinous.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org I've gotten mpd-netgraph to work successfully on several networks with a traditional nat box as the gateway, just for fun, but for the network I am actually responsible for, I haven't been able to set it up successfully. I can get a pptp client to connect, the logs say I connect, but I can't actually get any traffic to go anywhere. I can't ping any thing else in the world except the ip address of my localhost, and the ip I made up for it on the private net of pptp clients. I think it's a routing problem I am not clued enough to understand. anyway, here is the relevant info from my mpd configuration: mpd.links file: pptp0: set link type pptp set pptp self 128.32.43.97 set pptp enable incoming set pptp disable originate mpd.conf file: default: load pptp0 pptp0: new -i ng0 pptp0 pptp0 set iface disable on-demand set iface enable proxy-arp set iface idle 0 set bundle disable multilink set link yes acfcomp protocomp set link no pap chap set link enable chap set link keep-alive 10 60 set ipcp yes vjcomp set ipcp ranges 128.32.43.97/32 10.186.221.0/24 set bundle enable compression set ccp yes mppc set ccp yes mpp-e40 set ccp yes mpp-e128 set ccp yes mpp-stateless and my routing table on a windows machine, behind a natd, after I've connected my natd gateway is 10.0.0.254: Network Address Netmask Gateway Address Interface Metric 0.0.0.0 0.0.0.0 10.0.0.254 10.0.0.10 2 0.0.0.0 0.0.0.0 10.186.221.5 10.186.221.5 1 10.0.0.0 255.255.255.0 10.186.221.5 10.186.221.5 1 10.0.0.0 255.0.0.0 10.186.221.5 10.186.221.5 1 10.0.0.0 255.255.255.0 10.0.0.10 10.0.0.10 2 10.0.0.10 255.255.255.255 127.0.0.1 127.0.0.1 1 10.186.221.5 255.255.255.255 127.0.0.1 127.0.0.1 1 10.255.255.255 255.255.255.255 10.0.0.10 10.0.0.10 1 127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1 128.32.43.97 255.255.255.255 10.0.0.254 10.0.0.10 1 224.0.0.0 224.0.0.0 10.0.0.10 10.0.0.10 1 224.0.0.0 224.0.0.0 10.186.221.5 10.186.221.5 1 255.255.255.255 255.255.255.255 10.186.221.5 10.186.221.5 1 so what am i doing wrong? thanks -dan To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Sun Jan 14 15:30:53 2001 Delivered-To: freebsd-net@freebsd.org Received: from InterJet.dellroad.org (adsl-63-194-81-26.dsl.snfc21.pacbell.net [63.194.81.26]) by hub.freebsd.org (Postfix) with ESMTP id A520137B400 for ; Sun, 14 Jan 2001 15:30:34 -0800 (PST) Received: from curve.dellroad.org (curve.dellroad.org [10.1.1.30]) by InterJet.dellroad.org (8.9.1a/8.9.1) with ESMTP id PAA06735; Sun, 14 Jan 2001 15:30:34 -0800 (PST) Received: (from archie@localhost) by curve.dellroad.org (8.9.3/8.9.3) id PAA03683; Sun, 14 Jan 2001 15:30:33 -0800 (PST) (envelope-from archie) From: Archie Cobbs Message-Id: <200101142330.PAA03683@curve.dellroad.org> Subject: Re: more weird mpd problems In-Reply-To: <20010114152237.A50188@gelatinous.com> "from Dan Holliman at Jan 14, 2001 03:22:37 pm" To: Dan Holliman Date: Sun, 14 Jan 2001 15:30:33 -0800 (PST) Cc: net@FreeBSD.ORG X-Mailer: ELM [version 2.4ME+ PL77 (25)] MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Dan Holliman writes: > mpd.links file: > > pptp0: > set link type pptp > set pptp self 128.32.43.97 > set pptp enable incoming > set pptp disable originate > > mpd.conf file: > > default: > load pptp0 > > pptp0: > new -i ng0 pptp0 pptp0 > set iface disable on-demand > set iface enable proxy-arp > set iface idle 0 > set bundle disable multilink > set link yes acfcomp protocomp > set link no pap chap > set link enable chap > set link keep-alive 10 60 > set ipcp yes vjcomp > set ipcp ranges 128.32.43.97/32 10.186.221.0/24 ^^^^^^^^^^^^ > set bundle enable compression > set ccp yes mppc > set ccp yes mpp-e40 > set ccp yes mpp-e128 > set ccp yes mpp-stateless That line is the problem.. Change "128.32.43.97" to "10.186.221.x" where "10.186.221.x" is the address of the mpd machine on the private network. This line is setting the IP addresses of the point-to-point link that is the "inside" of the tunnel. What you've got will make the remote machine think that the route to 128.32.43.97 is via the PPTP, ok, so take the packet and wrap it in a GRE packet and send that to 128.32.43.97, ok, so what was the route to 128.32.43.97? Oops.. that is, infinite routing loop. Also, "10.186.221.0/24" looks fishy.. the peer is not going to know what IP it should want so there's no need to allow leeway (ie, 24 vs 32). You should change to a definite address, eg, 10.186.221.123/32. So something like set ipcp ranges 10.186.221.100/32 10.186.221.101/32 should work better. -Archie ___________________________________________________________________________ Archie Cobbs * Whistle Communications, Inc. * http://www.whistle.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Sun Jan 14 15:49:19 2001 Delivered-To: freebsd-net@freebsd.org Received: from InterJet.dellroad.org (adsl-63-194-81-26.dsl.snfc21.pacbell.net [63.194.81.26]) by hub.freebsd.org (Postfix) with ESMTP id AA52C37B401 for ; Sun, 14 Jan 2001 15:49:02 -0800 (PST) Received: from curve.dellroad.org (curve.dellroad.org [10.1.1.30]) by InterJet.dellroad.org (8.9.1a/8.9.1) with ESMTP id PAA06821; Sun, 14 Jan 2001 15:49:02 -0800 (PST) Received: (from archie@localhost) by curve.dellroad.org (8.9.3/8.9.3) id PAA03773; Sun, 14 Jan 2001 15:49:01 -0800 (PST) (envelope-from archie) From: Archie Cobbs Message-Id: <200101142349.PAA03773@curve.dellroad.org> Subject: Re: mpd problem / multiple pptp clients behind one nat In-Reply-To: <20010113010329.5614.qmail@cube.gelatinous.com> "from danh@gelatinous.com at Jan 13, 2001 01:03:29 am" To: danh@gelatinous.com Date: Sun, 14 Jan 2001 15:49:01 -0800 (PST) Cc: net@FreeBSD.ORG X-Mailer: ELM [version 2.4ME+ PL77 (25)] MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org danh@gelatinous.com writes: > Let's say my network is set up this way: > > client1---------------\ > client2 \ > client3 freebsd gw + natd --- internet -- freebsd machine > running > mpd-netgraph > client4 / > client5 etc...-------/ You forgot that the rest of the world uses 8 character tabs instead of four.. ASCII art repaired above compliments of "expand -4" :-) > I want more than one of the client machines to connect to a vpn, > with mpd-netgraph running on the vpn server. > > This works fine for just one client, but if more than one client > tries to connect, it fails or the client already connected > loses connection. This is a known issue.. from "man libalias": BUGS PPTP aliasing does not work when more than one internal client connects to the same external server at the same time, because PPTP requires a single TCP control connection to be established between any two IP ad- dresses. Fixing it would require a non-trivial amount of work in libalias. -Archie ___________________________________________________________________________ Archie Cobbs * Whistle Communications, Inc. * http://www.whistle.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Sun Jan 14 15:54:16 2001 Delivered-To: freebsd-net@freebsd.org Received: from flood.ping.uio.no (flood.ping.uio.no [129.240.78.31]) by hub.freebsd.org (Postfix) with ESMTP id 43FC537B402; Sun, 14 Jan 2001 15:53:55 -0800 (PST) Received: (from des@localhost) by flood.ping.uio.no (8.9.3/8.9.3) id AAA24613; Mon, 15 Jan 2001 00:53:45 +0100 (CET) (envelope-from des@ofug.org) X-URL: http://www.ofug.org/~des/ X-Disclaimer: The views expressed in this message do not necessarily coincide with those of any organisation or company with which I am or have been affiliated. To: Julian Elischer Cc: Jun Kuriyama , net@FreeBSD.ORG, current@FreeBSD.ORG Subject: Re: HEADSUP! New netgraph code coming References: <3A5567A7.A11F47E3@elischer.org> <3A566BCB.BFD6FA2D@elischer.org> <7m1yu9mdlt.wl@waterblue.imgsrc.co.jp> <3A5F1788.9AD8509A@elischer.org> <3A6233E7.E47F2E04@elischer.org> From: Dag-Erling Smorgrav Date: 15 Jan 2001 00:53:45 +0100 In-Reply-To: Julian Elischer's message of "Sun, 14 Jan 2001 15:19:03 -0800" Message-ID: Lines: 15 User-Agent: Gnus/5.0802 (Gnus v5.8.2) Emacs/20.4 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Julian Elischer writes: > Dag-Erling Smorgrav wrote: > > Something is terribly broken with ng_ether at the moment. It lacks a > > MODULE_VERSION line. > is this required for something to be a depency? Yes. > Where is it documented? It's not, AFAIK. UTSL (like the rest of us) DES -- Dag-Erling Smorgrav - des@ofug.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Sun Jan 14 17:27:32 2001 Delivered-To: freebsd-net@freebsd.org Received: from mailxajump.edu.cn (mail.xajump.edu.cn [210.27.48.3]) by hub.freebsd.org (Postfix) with ESMTP id 2905537B400 for ; Sun, 14 Jan 2001 17:27:10 -0800 (PST) Received: from WANGZHI (ice.xajump.edu.cn [210.27.48.24]) by mailxajump.edu.cn (8.9.3/8.9.3) with ESMTP id JAA06680 for ; Mon, 15 Jan 2001 09:27:29 +0800 Date: Mon, 15 Jan 2001 09:26:20 +0800 From: wangzhi X-Mailer: The Bat! (v1.39) Educational Reply-To: wangzhi X-Priority: 3 (Normal) Message-ID: <11393.010115@xanet.edu.cn> To: freebsd-net@FreeBSD.ORG Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org auth 3e06e69a subscribe freebsd-net wangzhi@xanet.edu.cn To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Sun Jan 14 18:47: 8 2001 Delivered-To: freebsd-net@freebsd.org Received: from smtp2.chello.se (smtp2.chello.se [193.150.195.11]) by hub.freebsd.org (Postfix) with ESMTP id 28E9337B400 for ; Sun, 14 Jan 2001 18:46:51 -0800 (PST) Received: from palle.girgensohn.se ([193.150.249.140]) by smtp2.chello.se (InterMail vK.4.02.00.00 201-232-116 license 13ed6d939a101f33a28aa8ad6d2fac65) with ESMTP id <20010115024643.TCDF5810.smtp2@palle.girgensohn.se>; Mon, 15 Jan 2001 03:46:43 +0100 Received: from partitur.se (localhost [127.0.0.1]) by palle.girgensohn.se (8.11.1/8.11.1) with ESMTP id f0F2ki825770; Mon, 15 Jan 2001 03:46:44 +0100 (CET) (envelope-from girgen@partitur.se) Message-ID: <3A626494.A5794569@partitur.se> Date: Mon, 15 Jan 2001 03:46:44 +0100 From: Palle Girgensohn Organization: Partitur X-Mailer: Mozilla 4.76 [en] (X11; U; FreeBSD 4.2-STABLE i386) X-Accept-Language: sv, en MIME-Version: 1.0 To: freebsd-net@freebsd.org Subject: fail to build check_del example from O'Reilly's DNS & BIND Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hi, A bit off topic, but still. Has anyone managed to build the check_del.c (really ch09.check_del.811.c) program referenced in O'Reilly's DNS and BIND book with a decently fresh bind8 (8.2.2 or 8.2.3, in 4.2 or 4-stable). I just can't get it to link, so I'd love some tips. TIA Palle To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Jan 15 1:58:39 2001 Delivered-To: freebsd-net@freebsd.org Received: from smtpscan.framfab.se (smtpscan.framfab.se [195.54.96.203]) by hub.freebsd.org (Postfix) with ESMTP id 9D3F337B400; Mon, 15 Jan 2001 01:58:14 -0800 (PST) Received: (from uucp@localhost) by smtpscan.framfab.se (8.9.3/8.9.3) id KAA05152; Mon, 15 Jan 2001 10:56:09 +0100 (MET) Received: from nodnsquery(157.125.8.2) by smtpscan.framfab.se via smap (V4.0) id xma002923; Mon, 15 Jan 01 10:52:19 +0100 Received: from stoent001.framfab.se ([172.16.200.241]) by list.framfab.se (8.9.3/8.9.3) with ESMTP id KAA07068; Mon, 15 Jan 2001 10:37:38 +0100 Received: by STOENT001 with Internet Mail Service (5.5.2653.19) id ; Mon, 15 Jan 2001 10:54:21 +0100 Message-ID: From: Marcus Nissemark To: "'freebsd-net@freebsd.org'" , "'freebsd-questions@freebsd.org'" Subject: Running NAT-PT on FreeBSD 4.2? Or 3.5? Date: Mon, 15 Jan 2001 10:52:09 +0100 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2653.19) Content-Type: text/plain Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org I'm trying to get NAT-PT to work on a host with FreeBSD 4.2 (Pentium II, 200 MHz, KAME-snapshot 2001-01-08). I've compiled the kernel with the option NAT_PT in the Configuration File (from GENERIC.KAME, only the NAT_PT option changed), and I've compiled the nat-pt userland files successfully. A few modifications in the code (nothing essential) had to be done. However, I am having trouble running the natptd program and configuring the setup. My aim is to translate incoming IPv4 packets to IPv6 packets. The IPv4 packets are generated by a test tool (SMARTBIT). Translating back to IPv4 from IPv6 has to be possible too. Running natptd causes the kernel to accept packets, but dropping them later. Without natptd packets (IPv4) are routed to another host. * Has anyone had any experience in this field and would this/these person/persons like to share the information on how to do this with me? * Instructions/help/code on configuring/running/setting up this environment would be much appreciated. * Maybe changing to another version of FreeBSD can help? 3.4 or higher is the requirement of the other applications, it may be arranged so that we use another host for that, and allow the adress translation to be performed on it's own host. * Anywhere else there might be information about NAT-PT so I can read about it and try it out myself? Thanks in advance /Marcus, in Sweden. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Jan 15 7:12: 8 2001 Delivered-To: freebsd-net@freebsd.org Received: from coconut.itojun.org (coconut.itojun.org [210.160.95.97]) by hub.freebsd.org (Postfix) with ESMTP id 912BE37B402; Mon, 15 Jan 2001 07:11:46 -0800 (PST) Received: from kiwi.itojun.org (localhost.itojun.org [127.0.0.1]) by coconut.itojun.org (8.9.3+3.2W/3.7W) with ESMTP id AAA25023; Tue, 16 Jan 2001 00:11:17 +0900 (JST) To: Marcus Nissemark Cc: "'freebsd-net@freebsd.org'" , "'freebsd-questions@freebsd.org'" In-reply-to: marcus.nissemark's message of Mon, 15 Jan 2001 10:52:09 +0100. X-Template-Reply-To: itojun@itojun.org X-Template-Return-Receipt-To: itojun@itojun.org X-PGP-Fingerprint: F8 24 B4 2C 8C 98 57 FD 90 5F B4 60 79 54 16 E2 Subject: Re: Running NAT-PT on FreeBSD 4.2? Or 3.5? From: itojun@iijlab.net Date: Tue, 16 Jan 2001 00:11:16 +0900 Message-ID: <25021.979571476@coconut.itojun.org> Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org >I'm trying to get NAT-PT to work on a host with FreeBSD 4.2 (Pentium II, 200 >MHz, KAME-snapshot 2001-01-08). I've compiled the kernel with the option >NAT_PT in the Configuration File (from GENERIC.KAME, only the NAT_PT option >changed), and I've compiled the nat-pt userland files successfully. A few >modifications in the code (nothing essential) had to be done. > >However, I am having trouble running the natptd program and configuring the >setup. My aim is to translate incoming IPv4 packets to IPv6 packets. The >IPv4 packets are generated by a test tool (SMARTBIT). Translating back to >IPv4 from IPv6 has to be possible too. i belive you'd better use snap-users@kame.net mailing list for this question. unfortunately, the implementer (fujisawa@kame.net) is way too busy this month and may not be able to respond. anyway, i'll forward this note to snap-users@kame.net (subscription: see www.kame.net/snap-users) itojun To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Jan 15 11:26: 9 2001 Delivered-To: freebsd-net@freebsd.org Received: from overlord.e-gerbil.net (e-gerbil.net [207.91.110.247]) by hub.freebsd.org (Postfix) with ESMTP id 4E5CD37B400 for ; Mon, 15 Jan 2001 11:25:52 -0800 (PST) Received: by overlord.e-gerbil.net (Postfix, from userid 1001) id 63784E4BB9; Mon, 15 Jan 2001 14:25:32 -0500 (EST) Received: from localhost (localhost [127.0.0.1]) by overlord.e-gerbil.net (Postfix) with ESMTP id 47DEFE4BB8 for ; Mon, 15 Jan 2001 14:25:32 -0500 (EST) Date: Mon, 15 Jan 2001 14:25:32 -0500 (EST) From: "Richard A. Steenbergen" To: freebsd-net@freebsd.org Subject: Routing table run amuck? Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Memory statistics by type Type Kern Type InUse MemUse HighUse Limit Requests Limit Limit Size(s) routetbl728180102400K 102401K102400K 7382248 0 0 16,32,64,128,256 100MB in use by the routing table? There are only 6 routes... :P -- Richard A Steenbergen http://www.e-gerbil.net/humble PGP Key ID: 0x138EA177 (67 29 D7 BC E8 18 3E DA B2 46 B3 D8 14 36 FE B6) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Jan 15 11:39:21 2001 Delivered-To: freebsd-net@freebsd.org Received: from mrout2.yahoo.com (mrout2.yahoo.com [208.48.125.152]) by hub.freebsd.org (Postfix) with ESMTP id 7DE6137B400 for ; Mon, 15 Jan 2001 11:39:03 -0800 (PST) Received: from milk.yahoo.com (milk.yahoo.com [206.251.16.37]) by mrout2.yahoo.com (8.11.1/8.11.1/y.out) with ESMTP id f0FJcnr29999; Mon, 15 Jan 2001 11:38:49 -0800 (PST) Received: (from root@localhost) by milk.yahoo.com (8.11.0/8.11.0) id f0FJcn381101; Mon, 15 Jan 2001 11:38:49 -0800 (PST) (envelope-from jayanth) Date: Mon, 15 Jan 2001 11:38:49 -0800 From: jayanth To: "Richard A. Steenbergen" Cc: freebsd-net@FreeBSD.ORG Subject: Re: Routing table run amuck? Message-ID: <20010115113849.E79191@yahoo-inc.com> References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2i In-Reply-To: ; from ras@e-gerbil.net on Mon, Jan 15, 2001 at 02:25:32PM -0500 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Richard, what version of the OS are you running ? Also, could you do a 'netstat -p tcp' and send me the output. jayanth Richard A. Steenbergen (ras@e-gerbil.net) wrote: > Memory statistics by type Type Kern > Type InUse MemUse HighUse Limit Requests Limit Limit Size(s) > routetbl728180102400K 102401K102400K 7382248 0 0 16,32,64,128,256 > > 100MB in use by the routing table? There are only 6 routes... :P > > -- > Richard A Steenbergen http://www.e-gerbil.net/humble > PGP Key ID: 0x138EA177 (67 29 D7 BC E8 18 3E DA B2 46 B3 D8 14 36 FE B6) > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-net" in the body of the message > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Jan 15 11:43: 2 2001 Delivered-To: freebsd-net@freebsd.org Received: from overlord.e-gerbil.net (e-gerbil.net [207.91.110.247]) by hub.freebsd.org (Postfix) with ESMTP id D302637B402 for ; Mon, 15 Jan 2001 11:42:44 -0800 (PST) Received: by overlord.e-gerbil.net (Postfix, from userid 1001) id A9FF5E4BB9; Mon, 15 Jan 2001 14:42:27 -0500 (EST) Received: from localhost (localhost [127.0.0.1]) by overlord.e-gerbil.net (Postfix) with ESMTP id 8E010E4BB8; Mon, 15 Jan 2001 14:42:27 -0500 (EST) Date: Mon, 15 Jan 2001 14:42:27 -0500 (EST) From: "Richard A. Steenbergen" To: jayanth Cc: freebsd-net@FreeBSD.ORG Subject: Re: Routing table run amuck? In-Reply-To: <20010115113849.E79191@yahoo-inc.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Mon, 15 Jan 2001, jayanth wrote: > Richard, > > what version of the OS are you running ? > Also, could you do a 'netstat -p tcp' and send me the output. 4.2-BETA presently, I'm upgrading to -stable to see if it'll go away. tcp: 1561757204 packets sent 1036973008 data packets (338855418 bytes) 322941011 data packets (3153825981 bytes) retransmitted 1045 resends initiated by MTU discovery 154311543 ack-only packets (25257367 delayed) 0 URG only packets 997452 window probe packets 3434610 window update packets 43099580 control packets 1134985164 packets received 635590712 acks (for 381546114 bytes) 286173586 duplicate acks 32814 acks for unsent data 66041001 packets (228904363 bytes) received in-sequence 15107670 completely duplicate packets (420790636 bytes) 23805 old duplicate packets 585443 packets with some dup. data (27562612 bytes duped) 32891151 out-of-order packets (87510381 bytes) 26051 packets (1222 bytes) of data after window 16 window probes 30800769 window update packets 65348 packets received after close 258406 discarded for bad checksums 2575 discarded for bad header offset fields 0 discarded because packet too short 68 connection requests 70212543 connection accepts 25559420 bad connection attempts 28343663 listen queue overflows 46789665 connections established (including accepts) 70204716 connections closed (including 36674703 drops) 6369861 connections updated cached RTT on close 6369861 connections updated cached RTT variance on close -- Richard A Steenbergen http://www.e-gerbil.net/humble PGP Key ID: 0x138EA177 (67 29 D7 BC E8 18 3E DA B2 46 B3 D8 14 36 FE B6) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Jan 15 12:27: 1 2001 Delivered-To: freebsd-net@freebsd.org Received: from mailout04.sul.t-online.com (mailout04.sul.t-online.com [194.25.134.18]) by hub.freebsd.org (Postfix) with ESMTP id E6A2C37B69B for ; Mon, 15 Jan 2001 12:26:43 -0800 (PST) Received: from fwd02.sul.t-online.com by mailout04.sul.t-online.com with smtp id 14IGDC-0003J0-01; Mon, 15 Jan 2001 21:26:42 +0100 Received: from ramses.local (320080844193-0001@[217.2.188.65]) by fmrl02.sul.t-online.com with esmtp id 14IGD0-0V2bImC; Mon, 15 Jan 2001 21:26:30 +0100 Received: from haribeau by ramses.local with local (Exim 3.12 #1 (Debian)) id 14IHAb-0000Lg-00 for ; Mon, 15 Jan 2001 22:28:05 +0100 Date: Mon, 15 Jan 2001 22:28:05 +0100 From: Clemens Hermann To: BSD NET-List Subject: bandwith limitation Message-ID: <20010115222805.A1276@ramses.local> Mail-Followup-To: Clemens Hermann , BSD NET-List Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i X-Mailer: Mutt 1.2.5i (Linux 2.2.17 i586) X-Sender: 320080844193-0001@t-dialin.net Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hi together, for quite a while I have been looking around for a way to limit the bandwith for each IP that accesses my server. I want to slow down any connektion to 128 KBit/s. The only thing I found was Dummynet in combination with ipfw. I am using ipf as firewall an for IP-accounting. It does a very good job and I really do not want to miss it. Is there any way besides dummynet to get bandwith limitation to run on my FreeBSD 4.2 box? thanks a lot /clemens To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Jan 15 17: 4:12 2001 Delivered-To: freebsd-net@freebsd.org Received: from iguana.aciri.org (iguana.aciri.org [192.150.187.36]) by hub.freebsd.org (Postfix) with ESMTP id 81AEE37B6C4 for ; Mon, 15 Jan 2001 17:03:55 -0800 (PST) Received: (from rizzo@localhost) by iguana.aciri.org (8.11.1/8.11.1) id f0G13tj02682; Mon, 15 Jan 2001 17:03:55 -0800 (PST) (envelope-from rizzo) From: Luigi Rizzo Message-Id: <200101160103.f0G13tj02682@iguana.aciri.org> Subject: annoying bug on routing tables... To: net@freebsd.org Date: Mon, 15 Jan 2001 17:03:55 -0800 (PST) X-Mailer: ELM [version 2.4ME+ PL43 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org There is an annoying bug in FreeBSD networking/routing which has been around at least since 3.4. Symptoms are -- if you change the address to an interface, packets to destinations to which you have talked to in the past will still go out with the previous address unless you delete and reinstall a route for that destination. Example: ifconfig ed0 10.0.0.1 ping 10.0.0.20 # works fine ifconfig ed0 10.0.0.2 ping 10.0.0.20 # no reply, tcpdump shows traffic coming from 10.0.0.1 route delete 10.0.0.2 ping 10.0.0.20 # now things work as expected So it seems that the old address is stored somewhere in the routing table, but "netstat -raA" does not show it (and the 'aA' flags are supposed to dump the whole tree if i get it right). Any idea on where the old address is stored ? cheers luigi ----------------------------------+----------------------------------------- Luigi RIZZO, luigi@iet.unipi.it . ACIRI/ICSI (on leave from Univ. di Pisa) http://www.iet.unipi.it/~luigi/ . 1947 Center St, Berkeley CA 94704 Phone: (510) 666 2927 ----------------------------------+----------------------------------------- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Jan 15 17: 7:42 2001 Delivered-To: freebsd-net@freebsd.org Received: from mrout1.yahoo.com (mrout1.yahoo.com [208.48.125.95]) by hub.freebsd.org (Postfix) with ESMTP id 02B3B37B6C5 for ; Mon, 15 Jan 2001 17:07:24 -0800 (PST) Received: from milk.yahoo.com (milk.yahoo.com [206.251.16.37]) by mrout1.yahoo.com (8.11.1/8.11.1/y.out) with ESMTP id f0G17Js19791; Mon, 15 Jan 2001 17:07:19 -0800 (PST) Received: (from root@localhost) by milk.yahoo.com (8.11.0/8.11.0) id f0G17JM86764; Mon, 15 Jan 2001 17:07:19 -0800 (PST) (envelope-from jayanth) Date: Mon, 15 Jan 2001 17:07:19 -0800 From: jayanth To: Luigi Rizzo Cc: net@FreeBSD.ORG Subject: Re: annoying bug on routing tables... Message-ID: <20010115170719.M79191@yahoo-inc.com> References: <200101160103.f0G13tj02682@iguana.aciri.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2i In-Reply-To: <200101160103.f0G13tj02682@iguana.aciri.org>; from rizzo@aciri.org on Mon, Jan 15, 2001 at 05:03:55PM -0800 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org check the arp cache. You might want to do a arp -ad and try again. jayanth Luigi Rizzo (rizzo@aciri.org) wrote: > There is an annoying bug in FreeBSD networking/routing which has been > around at least since 3.4. > > Symptoms are -- if you change the address to an interface, > packets to destinations to which you have talked to in the past > will still go out with the previous address unless > you delete and reinstall a route for that destination. > > Example: > ifconfig ed0 10.0.0.1 > ping 10.0.0.20 # works fine > ifconfig ed0 10.0.0.2 > ping 10.0.0.20 # no reply, tcpdump shows traffic coming from 10.0.0.1 > route delete 10.0.0.2 > ping 10.0.0.20 # now things work as expected > > So it seems that the old address is stored somewhere in the routing > table, but "netstat -raA" does not show it (and the 'aA' flags > are supposed to dump the whole tree if i get it right). > > Any idea on where the old address is stored ? > > cheers > luigi > ----------------------------------+----------------------------------------- > Luigi RIZZO, luigi@iet.unipi.it . ACIRI/ICSI (on leave from Univ. di Pisa) > http://www.iet.unipi.it/~luigi/ . 1947 Center St, Berkeley CA 94704 > Phone: (510) 666 2927 > ----------------------------------+----------------------------------------- > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-net" in the body of the message > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Jan 15 17:30:33 2001 Delivered-To: freebsd-net@freebsd.org Received: from coconut.itojun.org (coconut.itojun.org [210.160.95.97]) by hub.freebsd.org (Postfix) with ESMTP id B2BC037B698 for ; Mon, 15 Jan 2001 17:30:14 -0800 (PST) Received: from kiwi.itojun.org (localhost.itojun.org [127.0.0.1]) by coconut.itojun.org (8.9.3+3.2W/3.7W) with ESMTP id KAA03450; Tue, 16 Jan 2001 10:30:00 +0900 (JST) To: Luigi Rizzo Cc: net@freebsd.org In-reply-to: rizzo's message of Mon, 15 Jan 2001 17:03:55 PST. <200101160103.f0G13tj02682@iguana.aciri.org> X-Template-Reply-To: itojun@itojun.org X-Template-Return-Receipt-To: itojun@itojun.org X-PGP-Fingerprint: F8 24 B4 2C 8C 98 57 FD 90 5F B4 60 79 54 16 E2 Subject: Re: annoying bug on routing tables... From: itojun@iijlab.net Date: Tue, 16 Jan 2001 10:30:00 +0900 Message-ID: <3448.979608600@coconut.itojun.org> Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org >Example: > ifconfig ed0 10.0.0.1 > ping 10.0.0.20 # works fine > ifconfig ed0 10.0.0.2 > ping 10.0.0.20 # no reply, tcpdump shows traffic coming from 10.0.0.1 > route delete 10.0.0.2 > ping 10.0.0.20 # now things work as expected >So it seems that the old address is stored somewhere in the routing >table, but "netstat -raA" does not show it (and the 'aA' flags >are supposed to dump the whole tree if i get it right). >Any idea on where the old address is stored ? try using # route -n get 10.0.0.0 and you'll see rt_ifa holding pointer to 10.0.0.1. rt_ifa is used for source address selection. IMHO IPv4 code is not very friendly with multiple addresses on single interface. i believe the following items are assumed for the use of rt_ifa. - 1 interface address per a interface - interface address do not change too frequently (or set on boot time) - only destination address matters to source address selection if we do not assume the following, we should (1) compute source address every time from rt_ifp and destionation address, or (2) refresh rt_ifa every time interface address changes. not sure which one is better - (2) has problem with manually configured rt_ifa (some people controls source address selection by route -ifa). itojun To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Jan 15 17:47:47 2001 Delivered-To: freebsd-net@freebsd.org Received: from iguana.aciri.org (iguana.aciri.org [192.150.187.36]) by hub.freebsd.org (Postfix) with ESMTP id 4166737B69E for ; Mon, 15 Jan 2001 17:47:30 -0800 (PST) Received: (from rizzo@localhost) by iguana.aciri.org (8.11.1/8.11.1) id f0G1lKG02966; Mon, 15 Jan 2001 17:47:20 -0800 (PST) (envelope-from rizzo) From: Luigi Rizzo Message-Id: <200101160147.f0G1lKG02966@iguana.aciri.org> Subject: Re: annoying bug on routing tables... In-Reply-To: <3448.979608600@coconut.itojun.org> from "itojun@iijlab.net" at "Jan 16, 2001 10:30: 0 am" To: itojun@iijlab.net Date: Mon, 15 Jan 2001 17:47:20 -0800 (PST) Cc: rizzo@aciri.org, net@FreeBSD.ORG X-Mailer: ELM [version 2.4ME+ PL43 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > >Any idea on where the old address is stored ? > > try using > # route -n get 10.0.0.0 > and you'll see rt_ifa holding pointer to 10.0.0.1. rt_ifa is used for > source address selection. thanks, that was it (with a -v flag to see all...) > IMHO IPv4 code is not very friendly with multiple addresses on single > interface. i believe the following items are assumed for the use > of rt_ifa. but it seems that when you change interface address the call to in_ifscrub() should take care of removing the old address... which maybe is not occurring for some reason ? cheers luigi > - interface address do not change too frequently (or set on boot time) > - only destination address matters to source address selection > if we do not assume the following, we should (1) compute source address > every time from rt_ifp and destionation address, or (2) refresh rt_ifa > every time interface address changes. not sure which one is better - > (2) has problem with manually configured rt_ifa (some people controls > source address selection by route -ifa). > > itojun > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-net" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Jan 15 17:52:50 2001 Delivered-To: freebsd-net@freebsd.org Received: from coconut.itojun.org (coconut.itojun.org [210.160.95.97]) by hub.freebsd.org (Postfix) with ESMTP id E63AC37B69F for ; Mon, 15 Jan 2001 17:52:32 -0800 (PST) Received: from kiwi.itojun.org (localhost.itojun.org [127.0.0.1]) by coconut.itojun.org (8.9.3+3.2W/3.7W) with ESMTP id KAA03814; Tue, 16 Jan 2001 10:52:28 +0900 (JST) To: Luigi Rizzo Cc: net@FreeBSD.ORG In-reply-to: rizzo's message of Mon, 15 Jan 2001 17:47:20 PST. <200101160147.f0G1lKG02966@iguana.aciri.org> X-Template-Reply-To: itojun@itojun.org X-Template-Return-Receipt-To: itojun@itojun.org X-PGP-Fingerprint: F8 24 B4 2C 8C 98 57 FD 90 5F B4 60 79 54 16 E2 Subject: Re: annoying bug on routing tables... From: itojun@iijlab.net Date: Tue, 16 Jan 2001 10:52:28 +0900 Message-ID: <3812.979609948@coconut.itojun.org> Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org >> IMHO IPv4 code is not very friendly with multiple addresses on single >> interface. i believe the following items are assumed for the use >> of rt_ifa. >but it seems that when you change interface address the call to >in_ifscrub() should take care of removing the old address... which >maybe is not occurring for some reason ? rtinit() do not seem to take care about cloned routes. itojun To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Jan 15 21:44:10 2001 Delivered-To: freebsd-net@freebsd.org Received: from tinuviel.compendium.net.ar (usat2-00222.usateleport.com [208.248.183.222]) by hub.freebsd.org (Postfix) with ESMTP id DBF3237B400 for ; Mon, 15 Jan 2001 21:43:52 -0800 (PST) Received: by tinuviel.compendium.net.ar (Postfix, from userid 1000) id 75248196767; Tue, 16 Jan 2001 02:43:19 -0300 (ART) Date: Tue, 16 Jan 2001 02:43:19 -0300 To: freebsd-net@freebsd.org Subject: Problem with gif tunnel: nd6_lookup: failed to add route for a neighbor Message-ID: <20010116024319.B8183@tinuviel.compendium.net.ar> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable User-Agent: Mutt/1.3.12i x-attribution: HoraPe From: horape@tinuviel.compendium.net.ar Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hola! I'm experimenting with ipv6 and i need some help. I've a gif tunnel between a FBSD 4.0 and a FBSD 4.2. In the 4.2 side i get lots of messages like: Jan 16 02:34:05 ipv6-gw /kernel: nd6_lookup: failed to add route for a neig= hbor(3ffe:2900:b00d:ff00::0002), errno=3D17 Jan 16 02:34:05 ipv6-gw /kernel: nd6_lookup: failed to add route for a neig= hbor(3ffe:2900:000b:000d::0001), errno=3D17 each time i use such tunnel I've looked at some search engines and know it's a common problem but no known solution (i'm tempted to recompile commenting out the log call) Is somebody able to help me? gif_interfaces=3D"gif0 gif1" gifconfig_gif1=3D"208.248.183.254 193.146.180.27" ifconfig_gif1=3D"inet6 3ffe:2900:b00d:ff00::1 3ffe:2900:b00d:ff00::2" Thanks, HoraPe --- Horacio J. Pe=F1a horape@compendium.com.ar horape@uninet.edu bofh@puntoar.net.ar horape@hcdn.gov.ar To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Jan 15 21:49:51 2001 Delivered-To: freebsd-net@freebsd.org Received: from citusc17.usc.edu (citusc17.usc.edu [128.125.38.177]) by hub.freebsd.org (Postfix) with ESMTP id 980B637B401 for ; Mon, 15 Jan 2001 21:49:32 -0800 (PST) Received: (from kris@localhost) by citusc17.usc.edu (8.11.1/8.11.1) id f0G5qpD07440; Mon, 15 Jan 2001 21:52:51 -0800 (PST) (envelope-from kris) Date: Mon, 15 Jan 2001 21:52:51 -0800 From: Kris Kennaway To: horape@tinuviel.compendium.net.ar Cc: freebsd-net@FreeBSD.ORG Subject: Re: Problem with gif tunnel: nd6_lookup: failed to add route for a neighbor Message-ID: <20010115215251.A7394@citusc17.usc.edu> References: <20010116024319.B8183@tinuviel.compendium.net.ar> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-md5; protocol="application/pgp-signature"; boundary="J2SCkAp4GZ/dPZZf" Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20010116024319.B8183@tinuviel.compendium.net.ar>; from horape@tinuviel.compendium.net.ar on Tue, Jan 16, 2001 at 02:43:19AM -0300 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org --J2SCkAp4GZ/dPZZf Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Tue, Jan 16, 2001 at 02:43:19AM -0300, horape@tinuviel.compendium.net.ar= wrote: > Hola! >=20 > I'm experimenting with ipv6 and i need some help. I've a gif > tunnel between a FBSD 4.0 and a FBSD 4.2. >=20 > In the 4.2 side i get lots of messages like: >=20 > Jan 16 02:34:05 ipv6-gw /kernel: nd6_lookup: failed to add route for a ne= ighbor(3ffe:2900:b00d:ff00::0002), errno=3D17 > Jan 16 02:34:05 ipv6-gw /kernel: nd6_lookup: failed to add route for a ne= ighbor(3ffe:2900:000b:000d::0001), errno=3D17 >=20 > each time i use such tunnel >=20 > I've looked at some search engines and know it's a common problem but no > known solution (i'm tempted to recompile commenting out the log call) Your address prefix length is incorrect..can't remember what the correct value should be off the top of my head, but it's come up before so it should be in the archives upon closer examination. It's a common mistake - a FAQ question/answer would probably be in order (could you write a doc PR once you've fixed it?). =20 Kris --J2SCkAp4GZ/dPZZf Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (FreeBSD) Comment: For info see http://www.gnupg.org iEYEARECAAYFAjpj4bMACgkQWry0BWjoQKU9iQCeMqarzZfj3hQ53rDUnHgtu+ch v/wAoI6zI2qsqKIPZxFXu/0mcy2k+KFf =5t9Z -----END PGP SIGNATURE----- --J2SCkAp4GZ/dPZZf-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Jan 15 21:59: 4 2001 Delivered-To: freebsd-net@freebsd.org Received: from tinuviel.compendium.net.ar (usat2-00222.usateleport.com [208.248.183.222]) by hub.freebsd.org (Postfix) with ESMTP id 5422E37B400; Mon, 15 Jan 2001 21:58:46 -0800 (PST) Received: by tinuviel.compendium.net.ar (Postfix, from userid 1000) id 35DE119672F; Tue, 16 Jan 2001 02:58:03 -0300 (ART) Date: Tue, 16 Jan 2001 02:58:03 -0300 To: Kris Kennaway Cc: freebsd-net@FreeBSD.ORG Subject: Re: Problem with gif tunnel: nd6_lookup: failed to add route for a neighbor Message-ID: <20010116025802.A9040@tinuviel.compendium.net.ar> References: <20010116024319.B8183@tinuviel.compendium.net.ar> <20010115215251.A7394@citusc17.usc.edu> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable User-Agent: Mutt/1.3.12i In-Reply-To: <20010115215251.A7394@citusc17.usc.edu>; from kris@FreeBSD.ORG on Mon, Jan 15, 2001 at 09:52:51PM -0800 x-attribution: HoraPe From: horape@tinuviel.compendium.net.ar Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org =A1Hola! > > I'm experimenting with ipv6 and i need some help. I've a gif > > tunnel between a FBSD 4.0 and a FBSD 4.2. > >=20 > > In the 4.2 side i get lots of messages like: > >=20 > > Jan 16 02:34:05 ipv6-gw /kernel: nd6_lookup: failed to add route for a = neighbor(3ffe:2900:b00d:ff00::0002), errno=3D17 > > Jan 16 02:34:05 ipv6-gw /kernel: nd6_lookup: failed to add route for a = neighbor(3ffe:2900:000b:000d::0001), errno=3D17 > >=20 > > each time i use such tunnel > >=20 > > I've looked at some search engines and know it's a common problem but no > > known solution (i'm tempted to recompile commenting out the log call) >=20 > Your address prefix length is incorrect..can't remember what the > correct value should be off the top of my head, but it's come up > before so it should be in the archives upon closer examination. It looks like 128 is the "right" prefixlen. Problem is that my upstream provider (Sprint) wants to use 64 as prefixlen (IMHO FBSD is ok, but it seems to be the common practice to assign /64 to tunnels) > It's a common mistake - a FAQ question/answer would probably be in > order (could you write a doc PR once you've fixed it?). What's a PR? > Kris Thanks a lot, HoraPe --- Horacio J. Pe=F1a horape@compendium.com.ar horape@uninet.edu bofh@puntoar.net.ar horape@hcdn.gov.ar To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Jan 15 22: 0:21 2001 Delivered-To: freebsd-net@freebsd.org Received: from mail.simplexi.com (unknown [203.231.63.2]) by hub.freebsd.org (Postfix) with ESMTP id 85E9137B404 for ; Mon, 15 Jan 2001 21:59:58 -0800 (PST) Received: from chulwon (cwmin [203.231.63.178]) by mail.simplexi.com (8.9.3/8.9.3) with SMTP id PAA30575 for ; Tue, 16 Jan 2001 15:00:11 +0900 Message-ID: <000901c07f81$1323dcc0$b23fe7cb@chulwon> From: =?ks_c_5601-1987?B?uc7Dtr/4?= To: Subject: LVS problem Date: Tue, 16 Jan 2001 14:56:30 +0900 MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="----=_NextPart_000_0005_01C07FCC.82AE70A0" X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.00.2615.200 X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2615.200 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org This is a multi-part message in MIME format. ------=_NextPart_000_0005_01C07FCC.82AE70A0 Content-Type: multipart/alternative; boundary="----=_NextPart_001_0006_01C07FCC.82AE70A0" ------=_NextPart_001_0006_01C07FCC.82AE70A0 Content-Type: text/plain; charset="ks_c_5601-1987" Content-Transfer-Encoding: base64 ICAgICAgICAgDQogIA0K ------=_NextPart_001_0006_01C07FCC.82AE70A0 Content-Type: text/html; charset="ks_c_5601-1987" Content-Transfer-Encoding: base64 PCFET0NUWVBFIEhUTUwgUFVCTElDICItLy9XM0MvL0RURCBIVE1MIDQuMCBUcmFuc2l0aW9uYWwv L0VOIj4NCjxIVE1MPjxIRUFEPg0KPE1FVEEgY29udGVudD0idGV4dC9odG1sOyBjaGFyc2V0PWtz X2NfNTYwMS0xOTg3IiBodHRwLWVxdWl2PUNvbnRlbnQtVHlwZT4NCjxNRVRBIGNvbnRlbnQ9Ik1T SFRNTCA1LjAwLjI2MTQuMzUwMCIgbmFtZT1HRU5FUkFUT1I+DQo8U1RZTEU+PC9TVFlMRT4NCjwv SEVBRD4NCjxCT0RZIGJnQ29sb3I9I2ZmZmZmZj4NCjxESVY+PEZPTlQgc2l6ZT0yPiZuYnNwOyZu YnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyA8QlI+Jm5ic3A7IA0KPC9G T05UPjwvRElWPjwvQk9EWT48L0hUTUw+DQo= ------=_NextPart_001_0006_01C07FCC.82AE70A0-- ------=_NextPart_000_0005_01C07FCC.82AE70A0 Content-Type: application/octet-stream; name="LVS problem" Content-Transfer-Encoding: quoted-printable Content-Disposition: attachment; filename="LVS problem" Hello, I am setting up a LVS/DR cluster with 2 nodes(FreeBSD), but It doesn't = work.=20 Here is my network configuration; Internet (203.231.63.70 is Virtual IP) | | =20 Router (203.231.63.0/24 network) | | <----- eth0 : 203.231.63.74 =20 LVS(Linux)=20 | <----- eth1 : 203.231.63.70 (VIP)=20 | ------------------ | |=20 SVR1 SVR2 <-- Real Servers are FreeBSD = 4.2-RELEASE =20 fxp0 : 203.231.63.70 203.231.63.70 (VIP) fxp1 : 203.231.63.71 203.231.63.72 (Real IP) =20 =20 ----] in Load Valancing Server(203.231.63.74); =20 [root@ha1 log]# ifconfig -a eth0 Link encap:Ethernet HWaddr 00:10:5A:80:D7:FF =20 inet addr:203.231.63.74 Bcast:203.231.63.255 = Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 =20 eth1 Link encap:Ethernet HWaddr 00:10:5A:76:02:49 =20 inet addr:203.231.63.70 Bcast:203.231.63.70 = Mask:255.255.255.255 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 =20 lo Link encap:Local Loopback =20 inet addr:127.0.0.1 Mask:255.0.0.0 UP LOOPBACK RUNNING MTU:3924 Metric:1 =20 [root@LVS /]# route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref = Use Iface 203.231.63.70 0.0.0.0 255.255.255.255 UH 0 0 = 0 eth1 203.231.63.74 0.0.0.0 255.255.255.255 UH 0 0 = 0 eth0 203.231.63.0 0.0.0.0 255.255.255.0 U 0 0 = 0 eth0 127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 = 0 lo 0.0.0.0 203.231.63.254 0.0.0.0 UG 0 0 = 0 eth0 =20 [root@LVS /]# sysctl -p =20 net.ipv4.ip_forward =3D 1 =20 net.ipv4.conf.all.rp_filter =3D 1 net.ipv4.ip_always_defrag =3D 0 =20 kernel.sysrq =3D 0 =20 [root@LVS /]# vi /etc/ha.d/conf/ldirectord.cf=20 timeout=3D3 =20 checkinterval=3D5 =20 autoreload=3Dno =20 fallback=3D127.0.0.1:80 =20 virtual=3D203.231.63.70:80 =20 real=3D203.231.63.71:80 gate 1 =20 real=3D203.231.63.72:80 gate 1 =20 service=3Dhttp =20 request=3D"index.html" =20 receive=3D"Test Page" =20 scheduler=3Drr =20 protocol=3Dtcp =20 =20 ----] in Real Server(231.63.71,72); =20 =20 SVR1# ifconfig -a =20 fxp0: flags=3D8843 mtu 1500 = inet 203.231.63.70 netmask 0xffffffff broadcast 203.231.63.70 = =20 fxp1: flags=3D8843 mtu 1500 inet 203.231.63.72 netmask 0xffffff00 broadcast 203.231.63.255 = =20 =20 SVR2 in the same way.. ******* Problem: 1. LVS dosen't forward http request packet to the real server.. 2. I don't know how FreeBSD(real server) can avoid arp request.. About first problem:=20 =20 Client try to connect 203.231.63.70:80, but LVS doesn't reply to that = SYN packet.. :-(=20 =20 There are 2 things that seems odd.. =20 First, When I start up ldirectord, output is like this.. =20 [root@LVS /]# /etc/rc.d/init.d/ldirectord start Starting ldirectord [ OK ] =20 [root@LVS /]# vi /var/log/ldirectord.log =20 ...... [Tue Jan 16 13:47:48 2001..] Starting Linux Director Daemon = =20 [Tue Jan 16 13:47:48 2001..] Adding virtual server: 203.231.63.70:80 = =20 [Tue Jan 16 13:47:48 2001..] Starting fallback server for: = 203.231.63.70:80 =20 [Tue Jan 16 13:47:49 2001..] Adding real server: 203.231.63.71:80 = (1*203.231.63.70:80) =20 [Tue Jan 16 13:47:49 2001..] Turning off fallback server for: = 203.231.63.70:80 =20 [Tue Jan 16 13:47:49 2001..] system(/sbin/ipvsadm -a -t = 203.231.63.70:80 -R 203.231.63.72:80 -g -w 1) failed [Tue Jan 16 13:47:49 2001..] Adding real server: 203.231.63.72:80 = (2*203.231.63.70:80) =20 ...... =20 =20 system(/sbin/ipvsadm -a -t 203.231.63.70:80 -R 203.231.63.72:80 -g -w = 1) failed =20 **Why this error occured?? What should I do to eliminate this error = message?? = =20 =20 Second, Here's my ipvsadm output: =20 [root@LVS /]# ipvsadm -L -n =20 IP Virtual Server version 0.9.7 (size=3D4096) = =20 Prot LocalAddress:Port Scheduler Flags =20 -> RemoteAddress:Port Forward Weight ActiveConn InActConn TCP 203.231.63.70:www rr =20 -> 255.255.255.255:52199 Masq 4194304 0 0 =20 =20 Last output line seems wrong,, I think It should look like this.. = right? =20 TCP 203.231.63.70:www rr =20 -> 203.231.63.71:80 gate(?) 1 0 0 =20 -> 203.231.63.72:80 gate(?) 1 0 0 =20 =20 **How can I fix this thing?? =20 =20 Second problem: =20 As you know.. in LVS cluster, real servers should not reply to arp = request that=20 asks VIP's MAC address.. Only LVS should reply to that arp request.. I have an idea about it.. Let the real server reply to client's arp = request(for VIP)=20 with LVS's hardware address.. then all client's packet that towards = VIP go to the LVS.. That's a good idea.. so I commanded like this.. =20 arp -s 203.231.63.70 00:10:5A:76:02:49 pub =20 203.231.63.70 is VIP and 00:10:5A:76:02:49 is LVS's MAC address.. =20 I got a meessage : set: proxy entry exists for non 802 device=20 =20 without 'pub' flag : =20 set: can only proxy for 203.231.63.70 =20 ***What is this message means??=20 ***ARP reply with another MAC address is impossible?? ***How can I solve this arp problem?? =20 Thanks in advance.. ------=_NextPart_000_0005_01C07FCC.82AE70A0-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Jan 16 2:48:15 2001 Delivered-To: freebsd-net@freebsd.org Received: from oulu.fi (ousrvr.oulu.fi [130.231.240.1]) by hub.freebsd.org (Postfix) with ESMTP id 6D04D37B404; Tue, 16 Jan 2001 02:47:44 -0800 (PST) Received: from ee.oulu.fi (ees2.oulu.fi [130.231.61.23]) by oulu.fi (8.8.5/8.8.5) with ESMTP id MAA00753; Tue, 16 Jan 2001 12:47:31 +0200 (EET) Received: from stekt56 (stekt56 [130.231.60.96]) by ee.oulu.fi (8.11.1/8.11.1) with ESMTP id f0GAlUI16924; Tue, 16 Jan 2001 12:47:31 +0200 (EET) Date: Tue, 16 Jan 2001 12:47:30 +0200 (EET) From: Ana Romero X-Sender: To: Questions FreeBSD , , Mobile FreeBSD Subject: About Hierarchical MobileIPv6 Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=ISO-8859-1 Content-Transfer-Encoding: 8BIT Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hi all!! What do you know about merging HMIPv6 in FreeBSD? I´ve found in http://www.freebsd.org/news/sou1999.html that INRIA agreed to merge his code in freeBSD. I want to install it in my computer, have you ever done it? I have the code files but I need some hints. Ana To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Jan 16 5:45:18 2001 Delivered-To: freebsd-net@freebsd.org Received: from mta09.onebox.com (mta09.onebox.com [216.35.104.109]) by hub.freebsd.org (Postfix) with ESMTP id 23D2B37B404 for ; Tue, 16 Jan 2001 05:45:01 -0800 (PST) Received: from onebox.com ([216.33.158.148]) by mta09.onebox.com (InterMail vM.4.01.03.00 201-229-121) with SMTP id <20010116134500.RBVS6697.mta09.onebox.com@onebox.com> for ; Tue, 16 Jan 2001 05:45:00 -0800 Received: from [203.155.35.90] by onebox.com with HTTP; Tue, 16 Jan 2001 05:45:00 -0800 Date: Tue, 16 Jan 2001 05:45:00 -0800 Subject: How to send mail on behave of other domains. From: "Chutima S." To: freebsd-net@FreeBSD.ORG Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit MIME-Version: 1.0 Message-Id: <20010116134500.RBVS6697.mta09.onebox.com@onebox.com> Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hi I setup mail server for our office users send mail to Internet with domain name YYY.net. But there are some users register their own domain name XXX.net. They want to send mail out from our mail server. Most of their mail is OK but there are some mail servers out there reject some mails from them. Because domain name at Sender field(user@XXX.net) and Host(mail.YYY.net) is mismatch. How do I config my sendmail.cf for them can use for send mail out? Thks Chutima S. -- Chutima Subsirin chutima_s@zdnetonebox.com - email (202) 777-2641 ext. 6020 - voicemail/fax ___________________________________________________________________ To get your own FREE ZDNet Onebox - FREE voicemail, email, and fax, all in one place - sign up today at http://www.zdnetonebox.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Jan 16 8:31:15 2001 Delivered-To: freebsd-net@freebsd.org Received: from khavrinen.lcs.mit.edu (khavrinen.lcs.mit.edu [18.24.4.193]) by hub.freebsd.org (Postfix) with ESMTP id A574837B401 for ; Tue, 16 Jan 2001 08:30:58 -0800 (PST) Received: (from wollman@localhost) by khavrinen.lcs.mit.edu (8.9.3/8.9.3) id LAA07998; Tue, 16 Jan 2001 11:30:56 -0500 (EST) (envelope-from wollman) Date: Tue, 16 Jan 2001 11:30:56 -0500 (EST) From: Garrett Wollman Message-Id: <200101161630.LAA07998@khavrinen.lcs.mit.edu> To: Luigi Rizzo Cc: net@FreeBSD.ORG Subject: annoying bug on routing tables... In-Reply-To: <200101160103.f0G13tj02682@iguana.aciri.org> References: <200101160103.f0G13tj02682@iguana.aciri.org> Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org < said: > Symptoms are -- if you change the address to an interface, > packets to destinations to which you have talked to in the past > will still go out with the previous address unless > you delete and reinstall a route for that destination. Yes. The address deletion code is supposed to make sure that everything gets cleaned up, but it doesn't actually work in practice. (My fault in part.) -GAWollman To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Jan 16 8:39:11 2001 Delivered-To: freebsd-net@freebsd.org Received: from unity.copyleft.no (unity.copyleft.no [212.71.72.23]) by hub.freebsd.org (Postfix) with ESMTP id 5FF5637B402 for ; Tue, 16 Jan 2001 08:38:53 -0800 (PST) Received: from martin by unity.copyleft.no with local (Exim 3.12 #1) id 14IZ8A-00077y-00; Tue, 16 Jan 2001 17:38:46 +0100 Date: Tue, 16 Jan 2001 17:38:46 +0100 From: Martin Eggen To: Clemens Hermann Cc: BSD NET-List Subject: Re: bandwith limitation Message-ID: <20010116173846.A27210@unity.copyleft.no> References: <20010115222805.A1276@ramses.local> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20010115222805.A1276@ramses.local>; from haribeau@gmx.de on Mon, Jan 15, 2001 at 10:28:05PM +0100 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org [Clemens Hermann] > Hi together, > > for quite a while I have been looking around for a way to limit the bandwith > for each IP that accesses my server. I want to slow down any connektion > to 128 KBit/s. > The only thing I found was Dummynet in combination with ipfw. I am using > ipf as firewall an for IP-accounting. It does a very good job and I > really do not want to miss it. Is there any way besides dummynet to get > bandwith limitation to run on my FreeBSD 4.2 box? You might want to take a look at ALTQ[0] from the KAME people, or just use ipfw with a default pass all rule (or IPFIREWALL_DEFAULT_ACCEPT), so that it's only used for bw limiting. (The packets will then first go through ipfw, and then through ipf, IIRC). [0] http://www.csl.sony.co.jp/person/kjc/software.html#ALTQ -- Martin Eggen To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Jan 16 9: 2:12 2001 Delivered-To: freebsd-net@freebsd.org Received: from whale.sunbay.crimea.ua (whale.sunbay.crimea.ua [212.110.138.65]) by hub.freebsd.org (Postfix) with ESMTP id 2697A37B401 for ; Tue, 16 Jan 2001 09:01:39 -0800 (PST) Received: (from ru@localhost) by whale.sunbay.crimea.ua (8.11.0/8.11.0) id f0GGrDU75776; Tue, 16 Jan 2001 18:53:13 +0200 (EET) (envelope-from ru) Date: Tue, 16 Jan 2001 18:53:13 +0200 From: Ruslan Ermilov To: Garrett Wollman Cc: Luigi Rizzo , net@FreeBSD.ORG Subject: Re: annoying bug on routing tables... Message-ID: <20010116185313.B67837@sunbay.com> Mail-Followup-To: Garrett Wollman , Luigi Rizzo , net@FreeBSD.ORG References: <200101160103.f0G13tj02682@iguana.aciri.org> <200101161630.LAA07998@khavrinen.lcs.mit.edu> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <200101161630.LAA07998@khavrinen.lcs.mit.edu>; from wollman@khavrinen.lcs.mit.edu on Tue, Jan 16, 2001 at 11:30:56AM -0500 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Tue, Jan 16, 2001 at 11:30:56AM -0500, Garrett Wollman wrote: > < said: > > > Symptoms are -- if you change the address to an interface, > > packets to destinations to which you have talked to in the past > > will still go out with the previous address unless > > you delete and reinstall a route for that destination. > > Yes. The address deletion code is supposed to make sure that > everything gets cleaned up, but it doesn't actually work in practice. > (My fault in part.) > kern/20785. I hope to find some spare time to handle it... Cheers, -- Ruslan Ermilov Oracle Developer/DBA, ru@sunbay.com Sunbay Software AG, ru@FreeBSD.org FreeBSD committer, +380.652.512.251 Simferopol, Ukraine http://www.FreeBSD.org The Power To Serve http://www.oracle.com Enabling The Information Age To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Jan 16 9: 5: 5 2001 Delivered-To: freebsd-net@freebsd.org Received: from coconut.itojun.org (coconut.itojun.org [210.160.95.97]) by hub.freebsd.org (Postfix) with ESMTP id 224DA37B400; Tue, 16 Jan 2001 09:04:47 -0800 (PST) Received: from kiwi.itojun.org (localhost.itojun.org [127.0.0.1]) by coconut.itojun.org (8.9.3+3.2W/3.7W) with ESMTP id CAA14577; Wed, 17 Jan 2001 02:04:26 +0900 (JST) To: horape@tinuviel.compendium.net.ar Cc: Kris Kennaway , freebsd-net@FreeBSD.ORG In-reply-to: horape's message of Tue, 16 Jan 2001 02:58:03 -0300. <20010116025802.A9040@tinuviel.compendium.net.ar> X-Template-Reply-To: itojun@itojun.org X-Template-Return-Receipt-To: itojun@itojun.org X-PGP-Fingerprint: F8 24 B4 2C 8C 98 57 FD 90 5F B4 60 79 54 16 E2 Subject: Re: Problem with gif tunnel: nd6_lookup: failed to add route for a neighbor From: itojun@iijlab.net Date: Wed, 17 Jan 2001 02:04:26 +0900 Message-ID: <14575.979664666@coconut.itojun.org> Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org >> > Jan 16 02:34:05 ipv6-gw /kernel: nd6_lookup: failed to add route for a = >neighbor(3ffe:2900:000b:000d::0001), errno=3D17 >> >=20 >> > each time i use such tunnel >> >=20 >> > I've looked at some search engines and know it's a common problem but no >> > known solution (i'm tempted to recompile commenting out the log call) >>=20 >> Your address prefix length is incorrect..can't remember what the >> correct value should be off the top of my head, but it's come up >> before so it should be in the archives upon closer examination. >It looks like 128 is the "right" prefixlen. Problem is that my upstream >provider (Sprint) wants to use 64 as prefixlen (IMHO FBSD is ok, but it >seems to be the common practice to assign /64 to tunnels) you need to configure like either: # ifconfig gif0 3ffe:2900:000b:000d::1 3ffe:2900:000b:000d::2 \ prefixlen 128 alias # ifconfig gif0 3ffe:2900:000b:000d::1 prefixlen 64 alias if you specify both your and peer's address, you need to set prefixlen to 128. if you specify prefixlen to 64, the peer's address is not necessary (it will get discovered automatically). actually, the prefix length on p2p interface does not, and should not really matter. (the separate problem is that there are multiple interpretation of p2p in the world - major ones are gated interpretation and cisco interpretation) we (as KAME) will try to improve the behavior, like non-working ones get rejected on ifconfig time or such. itojun To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Jan 16 9:12:20 2001 Delivered-To: freebsd-net@freebsd.org Received: from citusc.usc.edu (citusc.usc.edu [128.125.38.123]) by hub.freebsd.org (Postfix) with ESMTP id C33A237B401 for ; Tue, 16 Jan 2001 09:12:02 -0800 (PST) Received: (from kris@localhost) by citusc.usc.edu (8.9.3/8.9.3) id JAA00891; Tue, 16 Jan 2001 09:12:58 -0800 Date: Tue, 16 Jan 2001 09:12:58 -0800 From: Kris Kennaway To: horape@tinuviel.compendium.net.ar Cc: freebsd-net@FreeBSD.ORG Subject: Re: Problem with gif tunnel: nd6_lookup: failed to add route for a neighbor Message-ID: <20010116091258.A857@citusc.usc.edu> References: <20010116024319.B8183@tinuviel.compendium.net.ar> <20010115215251.A7394@citusc17.usc.edu> <20010116025802.A9040@tinuviel.compendium.net.ar> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-md5; protocol="application/pgp-signature"; boundary="2oS5YaxWCcQjTEyO" Content-Disposition: inline User-Agent: Mutt/1.2i In-Reply-To: <20010116025802.A9040@tinuviel.compendium.net.ar>; from horape@tinuviel.compendium.net.ar on Tue, Jan 16, 2001 at 02:58:03AM -0300 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org --2oS5YaxWCcQjTEyO Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Tue, Jan 16, 2001 at 02:58:03AM -0300, horape@tinuviel.compendium.net.ar= wrote: > =A1Hola! >=20 > > > I'm experimenting with ipv6 and i need some help. I've a gif > > > tunnel between a FBSD 4.0 and a FBSD 4.2. > > >=20 > > > In the 4.2 side i get lots of messages like: > > >=20 > > > Jan 16 02:34:05 ipv6-gw /kernel: nd6_lookup: failed to add route for = a neighbor(3ffe:2900:b00d:ff00::0002), errno=3D17 > > > Jan 16 02:34:05 ipv6-gw /kernel: nd6_lookup: failed to add route for = a neighbor(3ffe:2900:000b:000d::0001), errno=3D17 > > >=20 > > > each time i use such tunnel > > >=20 > > > I've looked at some search engines and know it's a common problem but= no > > > known solution (i'm tempted to recompile commenting out the log call) > >=20 > > Your address prefix length is incorrect..can't remember what the > > correct value should be off the top of my head, but it's come up > > before so it should be in the archives upon closer examination. >=20 > It looks like 128 is the "right" prefixlen. Problem is that my upstream > provider (Sprint) wants to use 64 as prefixlen (IMHO FBSD is ok, but it > seems to be the common practice to assign /64 to tunnels) Hmm, not sure what can be done about that.=20 > > It's a common mistake - a FAQ question/answer would probably be in > > order (could you write a doc PR once you've fixed it?). >=20 > What's a PR? Problem Report - it's the submission mechanism for changes and patches, as well as bugs. You can submit one from the command-line using send-pr with the doc patches if/when you write them (if you're not familiar with docbook then ascii text is also fine), or using the web interface at www.freebsd.org/send-pr.html Kris --2oS5YaxWCcQjTEyO Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE6ZIEaWry0BWjoQKURAseqAJ9MyT+nVOwNbkC2XMixLAdCGHzH3ACeI2EG 4OtVPZEbIgiX5NUI+PawCjo= =S/Ty -----END PGP SIGNATURE----- --2oS5YaxWCcQjTEyO-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Jan 16 9:20:31 2001 Delivered-To: freebsd-net@freebsd.org Received: from mgw1.MEIway.com (mgw1.meiway.com [212.73.210.75]) by hub.freebsd.org (Postfix) with ESMTP id 7657D37B401 for ; Tue, 16 Jan 2001 09:20:13 -0800 (PST) Received: from sv.Go2France.com (sv.meiway.com [212.73.210.79]) by mgw1.MEIway.com (Postfix Relay Hub) with ESMTP id F30416A90F for ; Tue, 16 Jan 2001 18:20:07 +0100 (CET) Message-Id: <5.0.2.1.0.20010116180407.056deda0@mail.Go2France.com> X-Sender: lconrad%Go2France.com@mail.Go2France.com X-Mailer: QUALCOMM Windows Eudora Version 5.0.2 Date: Tue, 16 Jan 2001 18:18:17 +0100 To: freebsd-net@freebsd.org From: Len Conrad Subject: arp bp's Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org We have a FreeBSD 3.1R machine as our main router uplinking to a Cisco 3620 (back to back, no switch). All works well, and had for months. After a reboot of cisco and freebsd, all still works well, but we cannot ping cisco inside to fbsd outside (the back to back interfaces with x-over cable), plus when we traceroute up to internet, all we get is * * * when traversing that link, followed by normal traceoute behavior. This link carries several a gigabyte of traffic a day in both directions without pb's, but we have this problem with that link. dmesg shows tons of: arpresolve: can't allocate llinfo for 255.255.255.252rt arplookup 255.255.255.252 failed: host is not on local network arpresolve: can't allocate llinfo for 255.255.255.252rt arplookup 255.255.255.252 failed: host is not on local network arpresolve: can't allocate llinfo for 255.255.255.252rt and /var/log/messages shows: Jan 16 18:03:49 gw1 /kernel: arplookup 255.255.255.252 failed: host is not on local network Jan 16 18:03:49 gw1 /kernel: arpresolve: can't allocate llinfo for 255.255.255.252rt Jan 16 18:03:51 gw1 /kernel: arplookup 255.255.255.252 failed: host is not on local network Jan 16 18:03:51 gw1 /kernel: arpresolve: can't allocate llinfo for 255.255.255.252rt Jan 16 18:03:52 gw1 /kernel: arplookup 255.255.255.252 failed: host is not on local network Jan 16 18:03:52 gw1 /kernel: arpresolve: can't allocate llinfo for 255.255.255.252rt 255.255.255.252 is of course not an ip address but a netmask on the two of the 3 xl0 cards in that machine. ifconfig -a shows nothing strange stumped Len To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Jan 16 9:32:34 2001 Delivered-To: freebsd-net@freebsd.org Received: from InterJet.dellroad.org (adsl-63-194-81-26.dsl.snfc21.pacbell.net [63.194.81.26]) by hub.freebsd.org (Postfix) with ESMTP id 3F8BB37B401; Tue, 16 Jan 2001 09:32:16 -0800 (PST) Received: from curve.dellroad.org (curve.dellroad.org [10.1.1.30]) by InterJet.dellroad.org (8.9.1a/8.9.1) with ESMTP id JAA19489; Tue, 16 Jan 2001 09:32:15 -0800 (PST) Received: (from archie@localhost) by curve.dellroad.org (8.9.3/8.9.3) id JAA09777; Tue, 16 Jan 2001 09:32:15 -0800 (PST) (envelope-from archie) From: Archie Cobbs Message-Id: <200101161732.JAA09777@curve.dellroad.org> Subject: Re: annoying bug on routing tables... In-Reply-To: <20010116185313.B67837@sunbay.com> "from Ruslan Ermilov at Jan 16, 2001 06:53:13 pm" To: Ruslan Ermilov Date: Tue, 16 Jan 2001 09:32:15 -0800 (PST) Cc: Garrett Wollman , Luigi Rizzo , net@FreeBSD.ORG X-Mailer: ELM [version 2.4ME+ PL77 (25)] MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Ruslan Ermilov writes: > > > Symptoms are -- if you change the address to an interface, > > > packets to destinations to which you have talked to in the past > > > will still go out with the previous address unless > > > you delete and reinstall a route for that destination. > > > > Yes. The address deletion code is supposed to make sure that > > everything gets cleaned up, but it doesn't actually work in practice. > > (My fault in part.) > > > kern/20785. I hope to find some spare time to handle it... See also kern/10778, which may be related. -Archie ___________________________________________________________________________ Archie Cobbs * Whistle Communications, Inc. * http://www.whistle.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Jan 16 9:45:17 2001 Delivered-To: freebsd-net@freebsd.org Received: from mailout04.sul.t-online.com (mailout04.sul.t-online.com [194.25.134.18]) by hub.freebsd.org (Postfix) with ESMTP id C3BC137B404 for ; Tue, 16 Jan 2001 09:44:59 -0800 (PST) Received: from fwd06.sul.t-online.com by mailout04.sul.t-online.com with smtp id 14Ia9s-0007bI-05; Tue, 16 Jan 2001 18:44:36 +0100 Received: from ramses.local (320080844193-0001@[217.2.172.82]) by fmrl06.sul.t-online.com with esmtp id 14Ia9W-1KZ4SWC; Tue, 16 Jan 2001 18:44:14 +0100 Received: from haribeau by ramses.local with local (Exim 3.12 #1 (Debian)) id 14Ib75-0000aI-00; Tue, 16 Jan 2001 19:45:47 +0100 Date: Tue, 16 Jan 2001 19:45:47 +0100 From: Clemens Hermann To: Martin Eggen Cc: freebsd-net@freebsd.org Subject: Re: bandwith limitation Message-ID: <20010116194547.A1319@ramses.local> Mail-Followup-To: Clemens Hermann , Martin Eggen , freebsd-net@freebsd.org References: <20010115222805.A1276@ramses.local> <20010116173846.A27210@unity.copyleft.no> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20010116173846.A27210@unity.copyleft.no> von Martin Eggen am 16.Jan.2001 um 17:38:46 (+0100) X-Mailer: Mutt 1.2.5i (Linux 2.2.17 i586) X-Sender: 320080844193-0001@t-dialin.net Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Am 16.01.2001 um 17:38:46 schrieb Martin Eggen: Hi Martin, thanks a lot for your hints. > You might want to take a look at ALTQ[0] from the KAME people, or just use > ipfw with a default pass all rule (or IPFIREWALL_DEFAULT_ACCEPT), so that > it's only used for bw limiting. (The packets will then first go through > ipfw, and then through ipf, IIRC). so it is definitely impossible that a packet that passes ipfw (as every packet does) enters the system even if ipf says "no", right? I have some additional questions concerning the ipfw approach: - is it in general a bad thing to have ipf/ipfw together running on one machine or ist it just o.k. to have ipf as firewall and IP-accounting and ipfw for bandwith limitations? - is there a performance loss worth mentioning in using both tools compared to only have ipfw running for all purposes? - does the bandwith-limitation that ipfw/dummynet offer tear down the effective bandwith of my server? - does the bandwith-limitation (ipfw) cost a lot of cpu/memory performance? thanks a lot for your help /ch To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Jan 16 9:55:30 2001 Delivered-To: freebsd-net@freebsd.org Received: from iguana.aciri.org (iguana.aciri.org [192.150.187.36]) by hub.freebsd.org (Postfix) with ESMTP id 68D1137B401 for ; Tue, 16 Jan 2001 09:55:13 -0800 (PST) Received: (from rizzo@localhost) by iguana.aciri.org (8.11.1/8.11.1) id f0GHstB09523; Tue, 16 Jan 2001 09:54:55 -0800 (PST) (envelope-from rizzo) From: Luigi Rizzo Message-Id: <200101161754.f0GHstB09523@iguana.aciri.org> Subject: Re: bandwith limitation In-Reply-To: <20010116194547.A1319@ramses.local> from Clemens Hermann at "Jan 16, 2001 7:45:47 pm" To: haribeau@gmx.de (Clemens Hermann) Date: Tue, 16 Jan 2001 09:54:55 -0800 (PST) Cc: martin@copyleft.no, freebsd-net@FreeBSD.ORG X-Mailer: ELM [version 2.4ME+ PL43 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > so it is definitely impossible that a packet that passes ipfw (as every > packet does) enters the system even if ipf says "no", right? you have to look at the order of invokation of ipfw and ipfw in the kernel (/sys/netinet/ip_{input,output}.c) to make sure what happens. > I have some additional questions concerning the ipfw approach: > > - is it in general a bad thing to have ipf/ipfw together running on one > machine or ist it just o.k. to have ipf as firewall and IP-accounting > and ipfw for bandwith limitations? it is not bad, though you end up using two different packages and maybe do the classification twice. As far as i can tell the only real advantage of ipf is that you can do NAT in the kernel, for all the rest (including stateful filtering) ipfw is pretty much on par. The classification performance should be essentially the same -- both filters use the same technique for matching. > - is there a performance loss worth mentioning in using both tools > compared to only have ipfw running for all purposes? probably not. see above. > - does the bandwith-limitation that ipfw/dummynet offer tear down the > effective bandwith of my server? that is exactly what you want to do, right ? seriously, the shaper per se has very little cpu overhead (though you have to classify packets, but that is a price you have to pay anyways). Memorywise you need the buffers to store the packets that are delayed -- not a big deal unless you want to do something real unusual. > - does the bandwith-limitation (ipfw) cost a lot of cpu/memory > performance? see above cheers luigi ----------------------------------+----------------------------------------- Luigi RIZZO, luigi@iet.unipi.it . ACIRI/ICSI (on leave from Univ. di Pisa) http://www.iet.unipi.it/~luigi/ . 1947 Center St, Berkeley CA 94704 Phone: (510) 666 2927 ----------------------------------+----------------------------------------- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Jan 16 9:59:53 2001 Delivered-To: freebsd-net@freebsd.org Received: from mgw1.MEIway.com (mgw1.meiway.com [212.73.210.75]) by hub.freebsd.org (Postfix) with ESMTP id 5AE8537B404 for ; Tue, 16 Jan 2001 09:59:27 -0800 (PST) Received: from sv.Go2France.com (sv.meiway.com [212.73.210.79]) by mgw1.MEIway.com (Postfix Relay Hub) with ESMTP id 380676A910 for ; Tue, 16 Jan 2001 18:59:25 +0100 (CET) Message-Id: <5.0.2.1.0.20010116185535.05c80390@mail.Go2France.com> X-Sender: lconrad%Go2France.com@mail.Go2France.com X-Mailer: QUALCOMM Windows Eudora Version 5.0.2 Date: Tue, 16 Jan 2001 18:57:34 +0100 To: freebsd-net@freebsd.org From: Len Conrad Subject: Re: arp pb's : correction In-Reply-To: <5.0.2.1.0.20010116180407.056deda0@mail.Go2France.com> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org >We have a FreeBSD 3.1R machine as our main router uplinking to a >Cisco 3620 (back to back, no switch). > >All works well, and had for months. After a reboot of cisco and >freebsd, all still works well, but we cannot ping cisco inside to >fbsd outside (the back to back interfaces with x-over cable), plus >when we traceroute up to internet, all we get is * * * when >traversing that link, followed by normal traceoute behavior. > >This link carries several a gigabyte of traffic a day in both >directions without pb's, but we have this problem with that link. I found a garbage route had crept into my routing table with a gateway of 255.255.255.252. So that's fixed the arp complaints but the above pb persists. >dmesg shows tons of: > >arpresolve: can't allocate llinfo for 255.255.255.252rt >arplookup 255.255.255.252 failed: host is not on local network >arpresolve: can't allocate llinfo for 255.255.255.252rt >arplookup 255.255.255.252 failed: host is not on local network >arpresolve: can't allocate llinfo for 255.255.255.252rt > > >and /var/log/messages shows: > >Jan 16 18:03:49 gw1 /kernel: arplookup 255.255.255.252 failed: host >is not on local network >Jan 16 18:03:49 gw1 /kernel: arpresolve: can't allocate llinfo for >255.255.255.252rt >Jan 16 18:03:51 gw1 /kernel: arplookup 255.255.255.252 failed: host >is not on local network >Jan 16 18:03:51 gw1 /kernel: arpresolve: can't allocate llinfo for >255.255.255.252rt >Jan 16 18:03:52 gw1 /kernel: arplookup 255.255.255.252 failed: host >is not on local network >Jan 16 18:03:52 gw1 /kernel: arpresolve: can't allocate llinfo for >255.255.255.252rt > >255.255.255.252 is of course not an ip address but a netmask on the >two of the 3 xl0 cards in that machine. > >ifconfig -a shows nothing strange To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Jan 16 10: 9:25 2001 Delivered-To: freebsd-net@freebsd.org Received: from InterJet.dellroad.org (adsl-63-194-81-26.dsl.snfc21.pacbell.net [63.194.81.26]) by hub.freebsd.org (Postfix) with ESMTP id D75F137B402; Tue, 16 Jan 2001 10:09:06 -0800 (PST) Received: from curve.dellroad.org (curve.dellroad.org [10.1.1.30]) by InterJet.dellroad.org (8.9.1a/8.9.1) with ESMTP id KAA19691; Tue, 16 Jan 2001 10:09:06 -0800 (PST) Received: (from archie@localhost) by curve.dellroad.org (8.9.3/8.9.3) id KAA09927; Tue, 16 Jan 2001 10:09:04 -0800 (PST) (envelope-from archie) From: Archie Cobbs Message-Id: <200101161809.KAA09927@curve.dellroad.org> Subject: Re: HEADSUP! New netgraph code coming In-Reply-To: "from Dag-Erling Smorgrav at Jan 15, 2001 00:53:45 am" To: Dag-Erling Smorgrav Date: Tue, 16 Jan 2001 10:09:04 -0800 (PST) Cc: Julian Elischer , Jun Kuriyama , net@FreeBSD.ORG, current@FreeBSD.ORG X-Mailer: ELM [version 2.4ME+ PL77 (25)] MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Dag-Erling Smorgrav writes: > Julian Elischer writes: > > > Something is terribly broken with ng_ether at the moment. It lacks a > > > MODULE_VERSION line. > > is this required for something to be a depency? > > Yes. > > > Where is it documented? > > It's not, AFAIK. UTSL (like the rest of us) I don't think Julian is at fault here. At some point in the past, MODULE_VERSION wasn't required. Whoever committed the checkin that made suddenly made MODULE_VERSION required should have added it to all affected files, or at least there should have been a HEADS UP, but I don't recall seeing one. -Archie ___________________________________________________________________________ Archie Cobbs * Whistle Communications, Inc. * http://www.whistle.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Jan 16 10:14: 5 2001 Delivered-To: freebsd-net@freebsd.org Received: from ness.plymouth.edu (ness.plymouth.edu [158.136.1.140]) by hub.freebsd.org (Postfix) with ESMTP id 373EE37B698 for ; Tue, 16 Jan 2001 10:13:41 -0800 (PST) Received: (from ted@localhost) by ness.plymouth.edu (8.11.1/8.10.0) id f0GID7k32443 for freebsd-net@freebsd.org; Tue, 16 Jan 2001 13:13:07 -0500 (EST) From: Ted Wisniewski Message-Id: <200101161813.f0GID7k32443@ness.plymouth.edu> Subject: Bridging-Firewall/bandwith limit problem To: freebsd-net@freebsd.org Date: Tue, 16 Jan 2001 13:13:07 -0500 (EST) X-Mailer: ELM [version 2.4ME+ PL77 (25)] MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org We have a FreeBSD 4.2-STABLE machine running as a Bridging Firewall and we are having some difficulties, can anyone give me a pointer, or outright help... figuring out what is the problem? Details below. Problem repeatable using different network cards (fxp or xl) FreeBSD 4.2 stable ipfw/dummynet issues (Kernel Config Below): Sending selected TCP ports, or selected subnets through dummynet pipes for bandwidth control, the pipes sometimes get "clogged up", causing all packets going through the pipe to be dropped. Deleting and re-creating the pipe clears it up. We tried assigning selected subnets to pipes via dummynet queues, masking for host addresses, so that each host address would get a bucket. The system seemed to ignore the actual mask we gave it and assigned flows to buckets by 4th octet only. The system generated log messages "... /kernel: == not eligible, size nnnn" and after a while paniced, rebooted. This set of rules get you "clogged" pipes: ipfw pipe 1 config bw 512KBytes/s queue 200Kbytes ipfw pipe 2 config bw 256KBytes/s queue 100Kbytes ipfw add 15130 pipe 1 ip from any to XXX.YYY.208.0/20 recv xl1 ipfw add 15140 pipe 1 ip from any to XXX.YYY.172.0/22 recv xl1 ipfw add 15110 pipe 2 ip from XXX.YYY.208.0/20 to any recv xl0 ipfw add 15120 pipe 2 ip from XXX.YYY.172.0/22 to any recv xl0 This set of rules caused OS-Crash (reboot): ipfw pipe 1 config bw 256KBytes/s queue 150Kbytes ipfw queue 1 config pipe 1 weight 1 mask src-ip 0x00000FFF buckets 256 queue 75K Bytes ipfw queue 2 config pipe 1 weight 1 mask src-ip 0x000003FF buckets 128 queue 75K Bytes ipfw pipe 2 config bw 512KBytes/s queue 300Kbytes ipfw queue 3 config pipe 2 weight 1 mask dst-ip 0x00000FFF buckets 256 queue 75K Bytes ipfw queue 4 config pipe 2 weight 1 mask dst-ip 0x000003FF buckets 128 queue 75K Bytes ipfw add 16010 queue 1 ip from XXX.YYY.208.0/20 to any recv xl0 ipfw add 16020 queue 2 ip from XXX.YYY.172.0/22 to any recv xl0 ipfw add 16030 queue 3 ip from any to XXX.YYY.208.0/20 recv xl1 ipfw add 16040 queue 4 ip from any to XXX.YYY.172.0/22 recv xl1 In each case traffic flows worked as we had intended for a while before failure. Appropriate Settings from /etc/rc.conf: bridging_enable="YES" bridging_fw_enable="YES" portmap_enable="NO" firewall_enable="YES" firewall_script="/usr/local/etc/firewall/rc.firewall" drop_synfin_enable="YES" extra Sysctls set are: sysctl -w net.link.ether.bridge=1 sysctl -w net.link.ether.bridge_ipfw=1 KERNEL Config file: # # $FreeBSD: src/sys/i386/conf/GENERIC,v 1.246.2.20 2000/10/31 23:16:07 n_hibma Exp $ machine i386 cpu I586_CPU cpu I686_CPU ident GENERIC maxusers 128 options INET #InterNETworking options FFS #Berkeley Fast Filesystem options FFS_ROOT #FFS usable as root device [keep this!] options SOFTUPDATES #Enable FFS soft updates support options CD9660 #ISO 9660 Filesystem options PROCFS #Process filesystem options COMPAT_43 #Compatible with BSD 4.3 [KEEP THIS!] options UCONSOLE #Allow users to grab the console options USERCONFIG #boot -c editor options VISUAL_USERCONFIG #visual boot -c editor options KTRACE #ktrace(1) support options SYSVSHM #SYSV-style shared memory options SYSVMSG #SYSV-style message queues options SYSVSEM #SYSV-style semaphores options P1003_1B #Posix P1003_1B real-time extensions options _KPOSIX_PRIORITY_SCHEDULING options KBD_INSTALL_CDEV # install a CDEV entry in /dev options DUMMYNET options IPDIVERT options BRIDGE options NMBCLUSTERS=16384 options TCP_DROP_SYNFIN options IPSTEALTH #support for stealth forwarding options TCP_RESTRICT_RST #restrict emission of TCP RST options ICMP_BANDLIM #Rate limit bad replies options IPFIREWALL options IPFIREWALL_VERBOSE options IPFIREWALL_FORWARD options IPFIREWALL_DEFAULT_TO_ACCEPT device isa device eisa device pci # Floppy drives device fdc0 at isa? port IO_FD1 irq 6 drq 2 device fd0 at fdc0 drive 0 #device fd1 at fdc0 drive 1 # ATA and ATAPI devices device ata0 at isa? port IO_WD1 irq 14 device ata1 at isa? port IO_WD2 irq 15 device ata device atadisk # ATA disk drives device atapicd # ATAPI CDROM drives device atapifd # ATAPI floppy drives device atapist # ATAPI tape drives options ATA_STATIC_ID #Static device numbering #options ATA_ENABLE_ATAPI_DMA #Enable DMA on ATAPI devices # atkbdc0 controls both the keyboard and the PS/2 mouse device atkbdc0 at isa? port IO_KBD device atkbd0 at atkbdc? irq 1 flags 0x1 device psm0 at atkbdc? irq 12 device vga0 at isa? # splash screen/screen saver pseudo-device splash # syscons is the default console driver, resembling an SCO console device sc0 at isa? flags 0x100 options FAT_CURSOR # start with block cursor # Floating point support - do not disable. device npx0 at nexus? port IO_NPX irq 13 # Serial (COM) ports device sio0 at isa? port IO_COM1 flags 0x10 irq 4 device sio1 at isa? port IO_COM2 irq 3 # PCI Ethernet NICs that use the common MII bus controller code. device fxp # Intel EtherExpress PRO/100B (82557, 82558) # NOTE: Be sure to keep the 'device miibus' line in order to use these NICs! device miibus # MII bus support device xl # 3Com 3c90x (``Boomerang'', ``Cyclone'') # Pseudo devices - the number indicates how many units to allocated. pseudo-device loop # Network loopback pseudo-device ether # Ethernet support pseudo-device pty # Pseudo-ttys (telnet etc) # The `bpf' pseudo-device enables the Berkeley Packet Filter. # Be aware of the administrative consequences of enabling this! pseudo-device bpf #Berkeley packet filter -- | Ted Wisniewski INET: ted@oz.plymouth.edu | | Computer Services ted@wiz.plymouth.edu | | Plymouth State College tedw@tigger.plymouth.edu | | Plymouth NH, 03264 HTTP: http://oz.plymouth.edu/~ted/ | To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Jan 16 10:14:29 2001 Delivered-To: freebsd-net@freebsd.org Received: from mailout03.sul.t-online.com (mailout03.sul.t-online.com [194.25.134.81]) by hub.freebsd.org (Postfix) with ESMTP id 4EFE237B401 for ; Tue, 16 Jan 2001 10:14:10 -0800 (PST) Received: from fwd07.sul.t-online.com by mailout03.sul.t-online.com with smtp id 14IacL-00022u-09; Tue, 16 Jan 2001 19:14:01 +0100 Received: from ramses.local (320080844193-0001@[217.2.172.82]) by fmrl07.sul.t-online.com with esmtp id 14Iac0-27xpBoC; Tue, 16 Jan 2001 19:13:40 +0100 Received: from haribeau by ramses.local with local (Exim 3.12 #1 (Debian)) id 14IbZU-0000fa-00; Tue, 16 Jan 2001 20:15:08 +0100 Date: Tue, 16 Jan 2001 20:15:08 +0100 From: Clemens Hermann To: Luigi Rizzo Cc: freebsd-net@freebsd.org Subject: Re: bandwith limitation Message-ID: <20010116201508.A2261@ramses.local> Mail-Followup-To: Clemens Hermann , Luigi Rizzo , freebsd-net@freebsd.org References: <20010116194547.A1319@ramses.local> <200101161754.f0GHstB09523@iguana.aciri.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <200101161754.f0GHstB09523@iguana.aciri.org> von Luigi Rizzo am 16.Jan.2001 um 09:54:55 (-0800) X-Mailer: Mutt 1.2.5i (Linux 2.2.17 i586) X-Sender: 320080844193-0001@t-dialin.net Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Am 16.01.2001 um 09:54:55 schrieb Luigi Rizzo: Hi Luigi, first thanks for your hints, > > so it is definitely impossible that a packet that passes ipfw (as every > > packet does) enters the system even if ipf says "no", right? > > you have to look at the order of invokation of ipfw and ipfw > in the kernel (/sys/netinet/ip_{input,output}.c) to make > sure what happens. I am not really a C-crack :-(. The only thing I really would like to know is, if any packet has to pass ipf, no matter what ipfw sayd before (or after). If this is the case it would be blocked if necessary. I am just not sure if there could be a situation where ipfw says "o.k." and the packet passes through both tools (ipf & ipfw) no matter what ipf says. > > I have some additional questions concerning the ipfw approach: > > > > - is it in general a bad thing to have ipf/ipfw together running on one > > machine or ist it just o.k. to have ipf as firewall and IP-accounting > > and ipfw for bandwith limitations? > > it is not bad, though you end up using two different packages > and maybe do the classification twice. As far as i can tell > the only real advantage of ipf is that you can do NAT in the kernel, > for all the rest (including stateful filtering) ipfw is pretty > much on par. I used ipfw to do the filtering before but I needed IP-accounting and for this purpose ipf does a pretty cool job. In combination with ipacct I get a perfect report (devices, in-out, etc.). To drop ipf I would need something similar to do this with ipfw. Is there a way to do this? > > - does the bandwith-limitation that ipfw/dummynet offer tear down the > > effective bandwith of my server? > > that is exactly what you want to do, right ? perhaps my question was misleading. If I have 100 MBit and use the shaper could it be possible to end up with a performance of 50 MBit (or whatever) just because the shaper "eats" bandwith while doing the job? Thanks a lot for your help (and Martin's of course). I have been looking around for really a while to solve my problem and I get great help from you. /ch To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Jan 16 10:23:46 2001 Delivered-To: freebsd-net@freebsd.org Received: from flood.ping.uio.no (flood.ping.uio.no [129.240.78.31]) by hub.freebsd.org (Postfix) with ESMTP id 30DF037B698; Tue, 16 Jan 2001 10:23:27 -0800 (PST) Received: (from des@localhost) by flood.ping.uio.no (8.9.3/8.9.3) id TAA38341; Tue, 16 Jan 2001 19:23:19 +0100 (CET) (envelope-from des@ofug.org) X-URL: http://www.ofug.org/~des/ X-Disclaimer: The views expressed in this message do not necessarily coincide with those of any organisation or company with which I am or have been affiliated. To: Archie Cobbs Cc: Julian Elischer , Jun Kuriyama , net@FreeBSD.ORG, current@FreeBSD.ORG Subject: Re: HEADSUP! New netgraph code coming References: <200101161809.KAA09927@curve.dellroad.org> From: Dag-Erling Smorgrav Date: 16 Jan 2001 19:23:18 +0100 In-Reply-To: Archie Cobbs's message of "Tue, 16 Jan 2001 10:09:04 -0800 (PST)" Message-ID: Lines: 12 User-Agent: Gnus/5.0802 (Gnus v5.8.2) Emacs/20.4 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Archie Cobbs writes: > At some point in the past, MODULE_VERSION wasn't required. Whoever > committed the checkin that made suddenly made MODULE_VERSION required > should have added it to all affected files, or at least there should > have been a HEADS UP, but I don't recall seeing one. If I recall correctly, it was Mike, and the commit message was fairly explicit. DES -- Dag-Erling Smorgrav - des@ofug.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Jan 16 10:37:27 2001 Delivered-To: freebsd-net@freebsd.org Received: from mailout03.sul.t-online.com (mailout03.sul.t-online.com [194.25.134.81]) by hub.freebsd.org (Postfix) with ESMTP id 3CA8937B69B for ; Tue, 16 Jan 2001 10:37:08 -0800 (PST) Received: from fwd05.sul.t-online.com by mailout03.sul.t-online.com with smtp id 14Iayb-0004FR-00; Tue, 16 Jan 2001 19:37:01 +0100 Received: from ramses.local (320080844193-0001@[217.2.172.82]) by fmrl05.sul.t-online.com with esmtp id 14IayV-0UQeYKC; Tue, 16 Jan 2001 19:36:55 +0100 Received: from haribeau by ramses.local with local (Exim 3.12 #1 (Debian)) id 14Ibw3-0000kR-00; Tue, 16 Jan 2001 20:38:27 +0100 Date: Tue, 16 Jan 2001 20:38:27 +0100 From: Clemens Hermann To: Luigi Rizzo Cc: freebsd-net@freebsd.org Subject: Re: bandwith limitation Message-ID: <20010116203827.C2261@ramses.local> Mail-Followup-To: Clemens Hermann , Luigi Rizzo , freebsd-net@freebsd.org References: <20010116201508.A2261@ramses.local> <200101161822.f0GIMNF09755@iguana.aciri.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <200101161822.f0GIMNF09755@iguana.aciri.org> von Luigi Rizzo am 16.Jan.2001 um 10:22:23 (-0800) X-Mailer: Mutt 1.2.5i (Linux 2.2.17 i586) X-Sender: 320080844193-0001@t-dialin.net Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Am 16.01.2001 um 10:22:23 schrieb Luigi Rizzo: Hi Luigi, hopefully you are not nerved by my continuing question, but there is still one thing I did not dompletely understand. > if ipf says no it says no. you just want tobe sure that > the packet actually passes through both things. I just do not know how to make this sure. It probably might have something to do with my kernel-config, right? So I show you how I would do it, perhaps you could tell if with this configuration every package passes both packages: options IPFILTER options IPFILTER_LOG options IPFIREWALL options IPFIREWALL_DEFAULT_TO_ACCEPT So if I have set up the config file for ipf (Firewall) and I only have configuration for bandwith limits in the ipfw config, does this make sure every packet passes ipf and is blocked if ipf says this? Thanks again for your help and patience /ch To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Jan 16 10:49:58 2001 Delivered-To: freebsd-net@freebsd.org Received: from unity.copyleft.no (unity.copyleft.no [212.71.72.23]) by hub.freebsd.org (Postfix) with ESMTP id 4F3C337B69E for ; Tue, 16 Jan 2001 10:49:39 -0800 (PST) Received: from martin by unity.copyleft.no with local (Exim 3.12 #1) id 14IbAn-0007S6-00; Tue, 16 Jan 2001 19:49:37 +0100 Date: Tue, 16 Jan 2001 19:49:37 +0100 From: Martin Eggen To: Clemens Hermann Cc: freebsd-net@freebsd.org Subject: Re: bandwith limitation Message-ID: <20010116194936.A28412@unity.copyleft.no> References: <20010116194547.A1319@ramses.local> <200101161754.f0GHstB09523@iguana.aciri.org> <20010116201508.A2261@ramses.local> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20010116201508.A2261@ramses.local>; from haribeau@gmx.de on Tue, Jan 16, 2001 at 08:15:08PM +0100 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org [Clemens Hermann] > I used ipfw to do the filtering before but I needed IP-accounting and > for this purpose ipf does a pretty cool job. In combination with ipacct > I get a perfect report (devices, in-out, etc.). To drop ipf I would need > something similar to do this with ipfw. Is there a way to do this? Depending on how fine-grained you want it, a couple of count rules and MRTG should do it, not? -- Martin Eggen To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Jan 16 13:38:54 2001 Delivered-To: freebsd-net@freebsd.org Received: from InterJet.dellroad.org (adsl-63-194-81-26.dsl.snfc21.pacbell.net [63.194.81.26]) by hub.freebsd.org (Postfix) with ESMTP id BCAF237B698; Tue, 16 Jan 2001 13:38:27 -0800 (PST) Received: from curve.dellroad.org (curve.dellroad.org [10.1.1.30]) by InterJet.dellroad.org (8.9.1a/8.9.1) with ESMTP id NAA20825; Tue, 16 Jan 2001 13:38:20 -0800 (PST) Received: (from archie@localhost) by curve.dellroad.org (8.9.3/8.9.3) id NAA10547; Tue, 16 Jan 2001 13:38:14 -0800 (PST) (envelope-from archie) From: Archie Cobbs Message-Id: <200101162138.NAA10547@curve.dellroad.org> Subject: Re: HEADSUP! New netgraph code coming In-Reply-To: "from Dag-Erling Smorgrav at Jan 16, 2001 07:23:18 pm" To: Dag-Erling Smorgrav Date: Tue, 16 Jan 2001 13:38:14 -0800 (PST) Cc: Archie Cobbs , Julian Elischer , Jun Kuriyama , net@FreeBSD.ORG, current@FreeBSD.ORG X-Mailer: ELM [version 2.4ME+ PL77 (25)] MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Dag-Erling Smorgrav writes: > > At some point in the past, MODULE_VERSION wasn't required. Whoever > > committed the checkin that made suddenly made MODULE_VERSION required > > should have added it to all affected files, or at least there should > > have been a HEADS UP, but I don't recall seeing one. > > If I recall correctly, it was Mike, and the commit message was fairly > explicit. It seems like fairly explicit commit message wasn't sufficient then. Whatever.. developers should pay more attention and committers should be more explicit. -Archie ___________________________________________________________________________ Archie Cobbs * Whistle Communications, Inc. * http://www.whistle.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Jan 16 13:49:38 2001 Delivered-To: freebsd-net@freebsd.org Received: from atro.pine.nl (atro.pine.nl [213.156.0.2]) by hub.freebsd.org (Postfix) with ESMTP id 2103D37B402 for ; Tue, 16 Jan 2001 13:49:19 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by atro.pine.nl (8.11.1/8.11.1) with ESMTP id f0GLnDs15710; Tue, 16 Jan 2001 22:49:14 +0100 (MET) Date: Tue, 16 Jan 2001 22:49:13 +0100 (MET) From: Mark Lastdrager To: Ted Wisniewski Cc: Subject: Re: Bridging-Firewall/bandwith limit problem In-Reply-To: <200101161813.f0GID7k32443@ness.plymouth.edu> Message-ID: X-NCC-RegID: nl.pine MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org At Tue, 16 Jan 2001, owner-freebsd-net@FreeBSD.ORG wrote: > >We have a FreeBSD 4.2-STABLE machine running as a Bridging Firewall >and we are having some difficulties, can anyone give me a pointer, >or outright help... figuring out what is the problem? Details >below. Problem repeatable using different network cards (fxp or xl) > >FreeBSD 4.2 stable ipfw/dummynet issues (Kernel Config Below): > >Sending selected TCP ports, or selected subnets through dummynet pipes >for bandwidth control, the pipes sometimes get "clogged up", causing all >packets going through the pipe to be dropped. Deleting and re-creating >the pipe clears it up. We had exactly the same problem with 4.1-STABLE or 4.0-STABLE (don't remember) a while ago. A 'downgrade' to 3.4-RELEASE fixed it, 3.4-STABLE had the same problem. Not much of a solution, but it may be helpful for the developers. Mark Lastdrager -- Pine Internet BV :: tel. +31-70-3111010 :: fax. +31-70-3111011 PGP 92BB81D1 fingerprint 0059 7D7B C02B 38D2 A853 2785 8C87 3AF1 Today's excuse: had to use hammer to free stuck disk drive heads. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Jan 16 15: 1: 9 2001 Delivered-To: freebsd-net@freebsd.org Received: from fw.wintelcom.net (ns1.wintelcom.net [209.1.153.20]) by hub.freebsd.org (Postfix) with ESMTP id 69F3437B404; Tue, 16 Jan 2001 15:00:46 -0800 (PST) Received: (from bright@localhost) by fw.wintelcom.net (8.10.0/8.10.0) id f0GN0cm26181; Tue, 16 Jan 2001 15:00:38 -0800 (PST) Date: Tue, 16 Jan 2001 15:00:38 -0800 From: Alfred Perlstein To: Archie Cobbs Cc: Dag-Erling Smorgrav , Julian Elischer , Jun Kuriyama , net@FreeBSD.ORG, current@FreeBSD.ORG Subject: Re: HEADSUP! New netgraph code coming Message-ID: <20010116150038.X7240@fw.wintelcom.net> References: <200101162138.NAA10547@curve.dellroad.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <200101162138.NAA10547@curve.dellroad.org>; from archie@dellroad.org on Tue, Jan 16, 2001 at 01:38:14PM -0800 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org * Archie Cobbs [010116 13:39] wrote: > Dag-Erling Smorgrav writes: > > > At some point in the past, MODULE_VERSION wasn't required. Whoever > > > committed the checkin that made suddenly made MODULE_VERSION required > > > should have added it to all affected files, or at least there should > > > have been a HEADS UP, but I don't recall seeing one. > > > > If I recall correctly, it was Mike, and the commit message was fairly > > explicit. > > It seems like fairly explicit commit message wasn't sufficient then. > Whatever.. developers should pay more attention and committers should > be more explicit. ~ % man 9 module No entry for module in section 9 of the manual ~ % man 9 MODULE No entry for MODULE in section 9 of the manual ~ % man 9 MODULE_VERSION No entry for MODULE_VERSION in section 9 of the manual ? This ought to be documented. -- -Alfred Perlstein - [bright@wintelcom.net|alfred@freebsd.org] "I have the heart of a child; I keep it in a jar on my desk." To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Jan 16 20:13:56 2001 Delivered-To: freebsd-net@freebsd.org Received: from mgw1.MEIway.com (mgw1.meiway.com [212.73.210.75]) by hub.freebsd.org (Postfix) with ESMTP id 09E5437B402 for ; Tue, 16 Jan 2001 20:13:39 -0800 (PST) Received: from sv.Go2France.com (sv.meiway.com [212.73.210.79]) by mgw1.MEIway.com (Postfix Relay Hub) with ESMTP id E0B8D6A90B for ; Wed, 17 Jan 2001 05:13:37 +0100 (CET) Message-Id: <5.0.2.1.0.20010117051046.01db08f0@mail.Go2France.com> X-Sender: lconrad%Go2France.com@mail.Go2France.com X-Mailer: QUALCOMM Windows Eudora Version 5.0.2 Date: Wed, 17 Jan 2001 05:11:43 +0100 To: freebsd-net@FreeBSD.ORG From: Len Conrad Subject: cisco-freebsd link can't ping Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org We have a Cisco 3620 and FreeBSD 3.1R connected by an Ethernet crossover cable. Has been working fine for 14 months. A couple of gigabytes traffic pass over the link each day with no errors, speed is correct. ifconfig looks cool netstat -ib shows no collisions on the link A couple of months ago, we rebooted each box and now pinging from one's interface to on the linke the other boxes interface to this link, no responce. But either interface can ping the other box's other interfaces and further away. Traceroute across this link shows just: * * * and then the rest of the traceroute is ok. Apparently some kind of ICMP problem, but we're stumped, since no config info has been changed. We're looking for ways to troubleshoot the link. Tbanks, Len To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Jan 16 22:25:36 2001 Delivered-To: freebsd-net@freebsd.org Received: from www.comtest.com (cust1150.lava.net [207.26.201.126]) by hub.freebsd.org (Postfix) with ESMTP id C7BAE37B401 for ; Tue, 16 Jan 2001 22:25:16 -0800 (PST) Received: from vaio (a24b161n147client155.hawaii.rr.com [24.161.147.155]) by www.comtest.com (8.11.1/8.11.1) with ESMTP id f0H63Ng30349; Tue, 16 Jan 2001 20:03:30 -1000 (HST) (envelope-from randal@comtest.com) From: "Randal Masutani" To: Len Conrad Date: Tue, 16 Jan 2001 20:23:56 -1000 MIME-Version: 1.0 Content-type: text/plain; charset=US-ASCII Content-transfer-encoding: 7BIT Subject: Re: cisco-freebsd link can't ping Reply-To: randal@hits.net Cc: freebsd-net@FreeBSD.ORG Message-ID: <3A64ADDC.1953.2BAAB1@localhost> In-reply-to: <5.0.2.1.0.20010117051046.01db08f0@mail.Go2France.com> X-mailer: Pegasus Mail for Win32 (v3.12c) Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Check the obvious. Your IP addresses, netmasks, routing table. Can you provide more info? ifconfig -au, netstat -rn, on the FreeBSD system. and sho ip route on your Cisco. RM On 17 Jan 2001, at 5:11, Len Conrad wrote: > We have a Cisco 3620 and FreeBSD 3.1R connected by an Ethernet > crossover cable. Has been working fine for 14 months. A couple of > gigabytes traffic pass over the link each day with no errors, speed > is correct. > > ifconfig looks cool > > netstat -ib shows no collisions on the link > > A couple of months ago, we rebooted each box and now pinging from > one's interface to on the linke the other boxes interface to this > link, no responce. But either interface can ping the other box's > other interfaces and further away. Traceroute across this link shows just: > > * * * > > and then the rest of the traceroute is ok. Apparently some kind of > ICMP problem, but we're stumped, since no config info has been changed. > > We're looking for ways to troubleshoot the link. > > Tbanks, > Len > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-net" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Jan 16 22:32:21 2001 Delivered-To: freebsd-net@freebsd.org Received: from mgw1.MEIway.com (mgw1.meiway.com [212.73.210.75]) by hub.freebsd.org (Postfix) with ESMTP id 3CC3737B400 for ; Tue, 16 Jan 2001 22:32:03 -0800 (PST) Received: from sv.Go2France.com (sv.meiway.com [212.73.210.79]) by mgw1.MEIway.com (Postfix Relay Hub) with ESMTP id 6D6A86A90B for ; Wed, 17 Jan 2001 07:32:02 +0100 (CET) Message-Id: <5.0.2.1.0.20010117072709.01d31d10@mail.Go2France.com> X-Sender: lconrad%Go2France.com@mail.Go2France.com X-Mailer: QUALCOMM Windows Eudora Version 5.0.2 Date: Wed, 17 Jan 2001 07:30:06 +0100 To: freebsd-net@FreeBSD.ORG From: Len Conrad Subject: Re: cisco-freebsd link can't ping In-Reply-To: <3A64ADDC.1953.2BAAB1@localhost> References: <5.0.2.1.0.20010117051046.01db08f0@mail.Go2France.com> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org >Check the obvious. Your IP addresses, netmasks, routing table. >Can you provide more info? ifconfig -au, netstat -rn, on the FreeBSD >system. and sho ip route on your Cisco. It was simple in fact. We had added some ipfilter rules on disk but hadn't loaded them into memory until the reboot dit dit. If I remove these rules: block in log quick all with short block in log quick all with opt lsrr block in log quick all with opt ssrr The ping and traceroute across that link work fine. I was led to believe those rules blocked trash but obviously they block more than that. thanks Len http://BIND8NT.MEIway.com : Binary for ISC BIND 8.2.3 T9B for NT4 & W2K http://IMGate.MEIway.com : Build free, hi-perf, anti-spam mail gateways To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Jan 16 23:32:51 2001 Delivered-To: freebsd-net@freebsd.org Received: from mail.simplexi.com (unknown [203.231.63.2]) by hub.freebsd.org (Postfix) with ESMTP id F27C337B401 for ; Tue, 16 Jan 2001 23:32:28 -0800 (PST) Received: from chulwon (cwmin [203.231.63.178]) by mail.simplexi.com (8.9.3/8.9.3) with SMTP id QAA12619 for ; Wed, 17 Jan 2001 16:32:43 +0900 Message-ID: <000901c08057$453cdaa0$b23fe7cb@chulwon> From: =?ks_c_5601-1987?B?uc7Dtr/4?= To: Subject: LVS with FreeBSD Date: Wed, 17 Jan 2001 16:29:42 +0900 MIME-Version: 1.0 Content-Type: text/plain; charset="ks_c_5601-1987" Content-Transfer-Encoding: base64 X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.00.2615.200 X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2615.200 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org SGVsbG8sDQoNCkkgYW0gc2V0dGluZyB1cCBhIExWUy9EUiBjbHVzdGVyIHdpdGggMiBub2RlcyhG cmVlQlNEKSwgYnV0IEl0IGRvZXNuJ3Qgd29yay4gDQoNCkhlcmUgaXMgbXkgbmV0d29yayBjb25m aWd1cmF0aW9uOw0KDQogICAgICAgICAgICAgICAgICBJbnRlcm5ldCAgICAoMjAzLjIzMS42My43 MCBpcyBWaXJ0dWFsIElQKQ0KICAgICAgICAgICAgICAgICAgICAgfA0KICAgICAgICAgICAgICAg ICAgICAgfCAgDQogICAgICAgICAgICAgICAgICAgUm91dGVyICAoMjAzLjIzMS42My4wLzI0IG5l dHdvcmspDQogICAgICAgICAgICAgICAgICAgICB8DQogICAgICAgICAgICAgICAgICAgICB8ICA8 LS0tLS0gIGV0aDAgOiAyMDMuMjMxLjYzLjc0ICAgDQogICAgICAgICAgICAgICAgICBMVlMoTGlu dXgpIA0KICAgICAgICAgICAgICAgICAgICAgfCAgPC0tLS0tICBldGgxIDogMjAzLjIzMS42My43 MCAoVklQKSANCiAgICAgICAgICAgICAgICAgICAgIHwNCiAgICAgICAgICAgIC0tLS0tLS0tLS0t LS0tLS0tLQ0KICAgICAgICAgICAgfCAgICAgICAgICAgICAgICAgICAgICAgICAgfCANCiAgICAg ICAgICBTVlIxICAgICAgICAgICAgICAgICAgICBTVlIyICA8LS0gUmVhbCBTZXJ2ZXJzIGFyZSBG cmVlQlNEIDQuMi1SRUxFQVNFDQogDQogZnhwMCA6IDIwMy4yMzEuNjMuNzAgICAgIDIwMy4yMzEu NjMuNzAgIChWSVApDQogZnhwMSA6IDIwMy4yMzEuNjMuNzEgICAgIDIwMy4yMzEuNjMuNzIgIChS ZWFsIElQKSAgICAgICAgICAgIA0KIA0KLS0tLV0gaW4gTG9hZCBWYWxhbmNpbmcgU2VydmVyKDIw My4yMzEuNjMuNzQpOw0KIA0KICBbcm9vdEBoYTEgbG9nXSMgaWZjb25maWcgLWENCiAgIGV0aDAg ICAgTGluayBlbmNhcDpFdGhlcm5ldCAgSFdhZGRyIDAwOjEwOjVBOjgwOkQ3OkZGICANCiAgICAg ICAgICAgICBpbmV0IGFkZHI6MjAzLjIzMS42My43NCAgQmNhc3Q6MjAzLjIzMS42My4yNTUgIE1h c2s6MjU1LjI1NS4yNTUuMA0KICAgICAgICAgICAgIFVQIEJST0FEQ0FTVCBSVU5OSU5HIE1VTFRJ Q0FTVCAgTVRVOjE1MDAgIE1ldHJpYzoxDQogICAgIA0KICAgZXRoMSAgICBMaW5rIGVuY2FwOkV0 aGVybmV0ICBIV2FkZHIgMDA6MTA6NUE6NzY6MDI6NDkgIA0KICAgICAgICAgICAgIGluZXQgYWRk cjoyMDMuMjMxLjYzLjcwICBCY2FzdDoyMDMuMjMxLjYzLjcwICBNYXNrOjI1NS4yNTUuMjU1LjI1 NQ0KICAgICAgICAgICAgIFVQIEJST0FEQ0FTVCBSVU5OSU5HIE1VTFRJQ0FTVCAgTVRVOjE1MDAg IE1ldHJpYzoxDQogICAgICAgICANCiAgIGxvICAgICAgICBMaW5rIGVuY2FwOkxvY2FsIExvb3Bi YWNrICANCiAgICAgICAgICAgICBpbmV0IGFkZHI6MTI3LjAuMC4xICBNYXNrOjI1NS4wLjAuMA0K ICAgICAgICAgICAgIFVQIExPT1BCQUNLIFJVTk5JTkcgIE1UVTozOTI0ICBNZXRyaWM6MQ0KIA0K ICBbcm9vdEBMVlMgL10jIHJvdXRlIC1uDQogIEtlcm5lbCBJUCByb3V0aW5nIHRhYmxlDQogIERl c3RpbmF0aW9uICAgICBHYXRld2F5ICAgICAgICAgICBHZW5tYXNrICAgICAgICAgRmxhZ3MgTWV0 cmljIFJlZiAgVXNlIElmYWNlDQogIDIwMy4yMzEuNjMuNzAgICAwLjAuMC4wICAgICAgICAgICAg MjU1LjI1NS4yNTUuMjU1IFVIICAgICAgIDAgICAgICAgMCAgICAgIDAgICAgZXRoMQ0KICAyMDMu MjMxLjYzLjc0ICAgMC4wLjAuMCAgICAgICAgICAgIDI1NS4yNTUuMjU1LjI1NSBVSCAgICAgICAw ICAgICAgIDAgICAgICAwICAgIGV0aDANCiAgMjAzLjIzMS42My4wICAgIDAuMC4wLjAgICAgICAg ICAgICAgMjU1LjI1NS4yNTUuMCAgICBVICAgICAgICAgMCAgICAgICAwICAgICAgMCAgICBldGgw DQogIDEyNy4wLjAuMCAgICAgICAgIDAuMC4wLjAgICAgICAgICAgICAgMjU1LjAuMC4wICAgICAg ICAgIFUgICAgICAgICAwICAgICAgIDAgICAgICAwICAgICBsbw0KICAwLjAuMC4wICAgICAgICAg ICAgMjAzLjIzMS42My4yNTQgIDAuMC4wLjAgICAgICAgICAgICAgVUcgICAgICAgMCAgICAgICAw ICAgICAgMCAgICBldGgwDQogIA0KICBbcm9vdEBMVlMgL10jIHN5c2N0bCAtcCAgICAgIA0KICBu ZXQuaXB2NC5pcF9mb3J3YXJkID0gMSAgICAgICAgDQogIG5ldC5pcHY0LmNvbmYuYWxsLnJwX2Zp bHRlciA9IDENCiAgbmV0LmlwdjQuaXBfYWx3YXlzX2RlZnJhZyA9IDAgIA0KICBrZXJuZWwuc3lz cnEgPSAwICAgICAgICAgICAgICAgDQoNCiAgW3Jvb3RATFZTIC9dIyB2aSAvZXRjL2hhLmQvY29u Zi9sZGlyZWN0b3JkLmNmIA0KICB0aW1lb3V0PTMgICAgICAgICAgICAgICAgICAgICAgICAgICAg ICAgICAgICAgICANCiAgY2hlY2tpbnRlcnZhbD01ICAgICAgICAgICAgICAgICAgICAgICAgICAg ICAgICAgDQogIGF1dG9yZWxvYWQ9bm8gICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg IA0KICBmYWxsYmFjaz0xMjcuMC4wLjE6ODAgICAgICAgICAgICAgICAgICAgICAgICAgICANCiAg dmlydHVhbD0yMDMuMjMxLjYzLjcwOjgwICAgICAgICAgICAgICAgICAgICAgICAgDQogICAgICAg ICAgcmVhbD0yMDMuMjMxLjYzLjcxOjgwIGdhdGUgMSAgICAgICAgICAgIA0KICAgICAgICAgIHJl YWw9MjAzLjIzMS42My43Mjo4MCBnYXRlIDEgICAgICAgICAgICANCiAgICAgICAgICBzZXJ2aWNl PWh0dHAgICAgICAgICAgICAgICAgICAgICAgICAgICAgDQogICAgICAgICAgcmVxdWVzdD0iaW5k ZXguaHRtbCIgICAgICAgICAgICAgICAgICAgIA0KICAgICAgICAgIHJlY2VpdmU9IlRlc3QgUGFn ZSIgICAgICAgICAgICAgICAgICAgICANCiAgICAgICAgICBzY2hlZHVsZXI9cnIgICAgICAgICAg ICAgICAgICAgICAgICAgICAgDQogICAgICAgICAgcHJvdG9jb2w9dGNwICAgICAgDQogICANCi0t LS1dIGluIFJlYWwgU2VydmVyKDIzMS42My43MSw3Mik7ICAgDQogDQogU1ZSMSMgaWZjb25maWcg LWEgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICANCiAgZnhwMDog ZmxhZ3M9ODg0MzxVUCxCUk9BRENBU1QsUlVOTklORyxTSU1QTEVYLE1VTFRJQ0FTVD4gbXR1IDE1 MDAgICAgDQogICAgICAgICAgaW5ldCAyMDMuMjMxLjYzLjcwIG5ldG1hc2sgMHhmZmZmZmZmZiBi cm9hZGNhc3QgMjAzLjIzMS42My43MCAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIA0KICBm eHAxOiBmbGFncz04ODQzPFVQLEJST0FEQ0FTVCxSVU5OSU5HLFNJTVBMRVgsTVVMVElDQVNUPiBt dHUgMTUwMA0KICAgICAgICAgIGluZXQgMjAzLjIzMS42My43MiBuZXRtYXNrIDB4ZmZmZmZmMDAg YnJvYWRjYXN0IDIwMy4yMzEuNjMuMjU1ICANCiAgICAgICAgICANCiAgU1ZSMiBpbiB0aGUgc2Ft ZSB3YXkuLg0KDQoqKioqKioqIFByb2JsZW06DQoNCiAxLiBMVlMgZG9zZW4ndCBmb3J3YXJkIGh0 dHAgcmVxdWVzdCBwYWNrZXQgdG8gdGhlIHJlYWwgc2VydmVyLi4NCiAyLiBJIGRvbid0IGtub3cg aG93IEZyZWVCU0QocmVhbCBzZXJ2ZXIpIGNhbiBhdm9pZCBhcnAgcmVxdWVzdC4uDQoNCiBBYm91 dCBmaXJzdCBwcm9ibGVtOiANCiANCiAgIENsaWVudCB0cnkgdG8gY29ubmVjdCAyMDMuMjMxLjYz LjcwOjgwLCBidXQgTFZTIGRvZXNuJ3QgcmVwbHkgdG8gdGhhdCBTWU4gcGFja2V0Li4gOi0oIA0K IA0KICAgVGhlcmUgYXJlIDIgdGhpbmdzIHRoYXQgc2VlbXMgb2RkLi4NCiAgIA0KICAgRmlyc3Qs IFdoZW4gSSBzdGFydCB1cCBsZGlyZWN0b3JkLCBvdXRwdXQgaXMgbGlrZSB0aGlzLi4NCiANCiAg IFtyb290QExWUyAvXSMgL2V0Yy9yYy5kL2luaXQuZC9sZGlyZWN0b3JkIHN0YXJ0DQogICBTdGFy dGluZyBsZGlyZWN0b3JkIFsgIE9LICBdICAgICAgICAgICAgICAgICAgICAgDQogICBbcm9vdEBM VlMgL10jIHZpIC92YXIvbG9nL2xkaXJlY3RvcmQubG9nICANCiAgICAuLi4uLi4NCiAgIFtUdWUg SmFuIDE2IDEzOjQ3OjQ4IDIwMDEuLl0gU3RhcnRpbmcgTGludXggRGlyZWN0b3IgRGFlbW9uICAg ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgDQogICBb VHVlIEphbiAxNiAxMzo0Nzo0OCAyMDAxLi5dIEFkZGluZyB2aXJ0dWFsIHNlcnZlcjogMjAzLjIz MS42My43MDo4MCAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICANCiAgIFtU dWUgSmFuIDE2IDEzOjQ3OjQ4IDIwMDEuLl0gU3RhcnRpbmcgZmFsbGJhY2sgc2VydmVyIGZvcjog MjAzLjIzMS42My43MDo4MCAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIA0KICAgW1R1 ZSBKYW4gMTYgMTM6NDc6NDkgMjAwMS4uXSBBZGRpbmcgcmVhbCBzZXJ2ZXI6IDIwMy4yMzEuNjMu NzE6ODAgKDEqMjAzLjIzMS42My43MDo4MCkgICAgICAgICAgICAgICAgICAgICAgDQogICBbVHVl IEphbiAxNiAxMzo0Nzo0OSAyMDAxLi5dIFR1cm5pbmcgb2ZmIGZhbGxiYWNrIHNlcnZlciBmb3I6 IDIwMy4yMzEuNjMuNzA6ODAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICANCiAgIFtUdWUg SmFuIDE2IDEzOjQ3OjQ5IDIwMDEuLl0gc3lzdGVtKC9zYmluL2lwdnNhZG0gLWEgLXQgMjAzLjIz MS42My43MDo4MCAtUiAyMDMuMjMxLjYzLjcyOjgwIC1nIC13IDEpIGZhaWxlZA0KICAgW1R1ZSBK YW4gMTYgMTM6NDc6NDkgMjAwMS4uXSBBZGRpbmcgcmVhbCBzZXJ2ZXI6IDIwMy4yMzEuNjMuNzI6 ODAgKDIqMjAzLjIzMS42My43MDo4MCkgICAgICAgICAgICAgICAgICAgICAgDQogICAgLi4uLi4u ICAgICAgDQogICAgDQogICBzeXN0ZW0oL3NiaW4vaXB2c2FkbSAtYSAtdCAyMDMuMjMxLjYzLjcw OjgwIC1SIDIwMy4yMzEuNjMuNzI6ODAgLWcgLXcgMSkgZmFpbGVkICAgICANCiAgICoqV2h5IHRo aXMgZXJyb3Igb2NjdXJlZD8/IFdoYXQgc2hvdWxkIEkgZG8gdG8gZWxpbWluYXRlIHRoaXMgZXJy b3IgbWVzc2FnZT8/ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgDQog ICAgDQogICBTZWNvbmQsIEhlcmUncyBteSBpcHZzYWRtIG91dHB1dDogICAgICAgIA0KICAgW3Jv b3RATFZTIC9dIyBpcHZzYWRtIC1MIC1uICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg ICAgICAgICAgDQogICBJUCBWaXJ0dWFsIFNlcnZlciB2ZXJzaW9uIDAuOS43IChzaXplPTQwOTYp ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIA0KICAgUHJv dCBMb2NhbEFkZHJlc3M6UG9ydCBTY2hlZHVsZXIgRmxhZ3MgICAgICAgICAgICAgICAgICAgICAg ICAgICAgICANCiAgICAgLT4gUmVtb3RlQWRkcmVzczpQb3J0ICAgICAgICAgIEZvcndhcmQgV2Vp Z2h0IEFjdGl2ZUNvbm4gSW5BY3RDb25uDQogICBUQ1AgIDIwMy4yMzEuNjMuNzA6d3d3IHJyICAg ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIA0KICAgICAtPiAyNTUuMjU1 LjI1NS4yNTU6NTIxOTkgICAgICAgTWFzcSAgICA0MTk0MzA0IDAgICAgICAgICAgMCAgICAgICAN CiAgDQogIExhc3Qgb3V0cHV0IGxpbmUgc2VlbXMgd3JvbmcsLCBJIHRoaW5rIEl0IHNob3VsZCBs b29rIGxpa2UgdGhpcy4uIHJpZ2h0Pw0KICANCiAgIFRDUCAgMjAzLjIzMS42My43MDp3d3cgcnIg ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICANCiAgICAgLT4gMjAzLjIz MS42My43MTo4MCAgICAgICAgICAgIHJvdXRlICAgMSAgICAgICAwICAgICAgICAgIDAgICAgICAN CiAgICAgLT4gMjAzLjIzMS42My43Mjo4MCAgICAgICAgICAgIHJvdXRlICAgMSAgICAgICAwICAg ICAgICAgIDAgICAgDQogICAgICAgICAgDQogICoqSG93IGNhbiBJIGZpeCB0aGlzIHRoaW5nPz8g IA0KICANCiBTZWNvbmQgcHJvYmxlbToNCiANCiAgIEFzIHlvdSBrbm93Li4gaW4gTFZTIGNsdXN0 ZXIsIHJlYWwgc2VydmVycyBzaG91bGQgbm90IHJlcGx5IHRvIGFycCByZXF1ZXN0IHRoYXQgDQog ICBhc2tzIFZJUCdzIE1BQyBhZGRyZXNzLi4gT25seSBMVlMgc2hvdWxkIHJlcGx5IHRvIHRoYXQg YXJwIHJlcXVlc3QuLg0KICAgSSBoYXZlIGFuIGlkZWEgYWJvdXQgaXQuLiBMZXQgdGhlIHJlYWwg c2VydmVyIHJlcGx5IHRvIGNsaWVudCdzIGFycCByZXF1ZXN0KGZvciBWSVApIA0KICAgd2l0aCBM VlMncyBoYXJkd2FyZSBhZGRyZXNzLi4gdGhlbiBhbGwgY2xpZW50J3MgcGFja2V0IHRoYXQgdG93 YXJkcyBWSVAgZ28gdG8gdGhlIExWUy4uDQogICBUaGF0J3MgYSBnb29kIGlkZWEuLg0KICAgc28g SSBjb21tYW5kZWQgbGlrZSB0aGlzLi4NCiAgIA0KICAgYXJwIC1zIDIwMy4yMzEuNjMuNzAgMDA6 MTA6NUE6NzY6MDI6NDkgcHViDQogICANCiAgIDIwMy4yMzEuNjMuNzAgaXMgVklQIGFuZCAwMDox MDo1QTo3NjowMjo0OSBpcyBMVlMncyBNQUMgYWRkcmVzcy4uDQogICANCiAgIEkgZ290IGEgbWVl c3NhZ2UgOg0KICAgIHNldDogcHJveHkgZW50cnkgZXhpc3RzIGZvciBub24gODAyIGRldmljZSAN CiAgICANCiAgIHdpdGhvdXQgJ3B1YicgZmxhZyA6ICAgIA0KICAgIHNldDogY2FuIG9ubHkgcHJv eHkgZm9yIDIwMy4yMzEuNjMuNzANCiAgICANCiAgICoqKldoYXQgaXMgdGhpcyBtZXNzYWdlIG1l YW5zPz8gDQogICAqKipBUlAgcmVwbHkgd2l0aCBhbm90aGVyIE1BQyBhZGRyZXNzIGlzIGltcG9z c2libGU/Pw0KICAgKioqSG93IGNhbiBJIHNvbHZlIHRoaXMgYXJwIHByb2JsZW0/Pw0KICAgDQog VGhhbmtzIGluIGFkdmFuY2UuLiAgIA0KIA0KLS0tIGFsZXgNCiANCg== To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Jan 17 0:11:39 2001 Delivered-To: freebsd-net@freebsd.org Received: from mail.simplexi.com (unknown [203.231.63.2]) by hub.freebsd.org (Postfix) with ESMTP id B318737B401 for ; Wed, 17 Jan 2001 00:11:17 -0800 (PST) Received: from chulwon (cwmin [203.231.63.178]) by mail.simplexi.com (8.9.3/8.9.3) with SMTP id RAA13875 for ; Wed, 17 Jan 2001 17:11:48 +0900 Message-ID: <001901c0805c$b7b03960$b23fe7cb@chulwon> From: "¹Îö¿ø" To: Subject: LVS with FreeBSD Date: Wed, 17 Jan 2001 17:08:47 +0900 X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.00.2615.200 X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2615.200 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hello, I am setting up a LVS/DR cluster with 2 nodes(FreeBSD), but It doesn't work. Here is my network configuration; Internet (203.231.63.70 is Virtual IP) | | Router (203.231.63.0/24 network) | | <----- eth0 : 203.231.63.74 LVS(Linux) | <----- eth1 : 203.231.63.70 (VIP) | ------------------ | | SVR1 SVR2 <-- Real Servers are FreeBSD 4.2-RELEASE fxp0 : 203.231.63.70 203.231.63.70 (VIP) fxp1 : 203.231.63.71 203.231.63.72 (Real IP) ----] in Load Valancing Server(203.231.63.74); [root@ha1 log]# ifconfig -a eth0 Link encap:Ethernet HWaddr 00:10:5A:80:D7:FF inet addr:203.231.63.74 Bcast:203.231.63.255 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 eth1 Link encap:Ethernet HWaddr 00:10:5A:76:02:49 inet addr:203.231.63.70 Bcast:203.231.63.70 Mask:255.255.255.255 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 UP LOOPBACK RUNNING MTU:3924 Metric:1 [root@LVS /]# route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 203.231.63.70 0.0.0.0 255.255.255.255 UH 0 0 0 eth1 203.231.63.74 0.0.0.0 255.255.255.255 UH 0 0 0 eth0 203.231.63.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo 0.0.0.0 203.231.63.254 0.0.0.0 UG 0 0 0 eth0 [root@LVS /]# sysctl -p net.ipv4.ip_forward = 1 net.ipv4.conf.all.rp_filter = 1 net.ipv4.ip_always_defrag = 0 kernel.sysrq = 0 [root@LVS /]# vi /etc/ha.d/conf/ldirectord.cf timeout=3 checkinterval=5 autoreload=no fallback=127.0.0.1:80 virtual=203.231.63.70:80 real=203.231.63.71:80 gate 1 real=203.231.63.72:80 gate 1 service=http request="index.html" receive="Test Page" scheduler=rr protocol=tcp ----] in Real Server(231.63.71,72); SVR1# ifconfig -a fxp0: flags=8843 mtu 1500 inet 203.231.63.70 netmask 0xffffffff broadcast 203.231.63.70 fxp1: flags=8843 mtu 1500 inet 203.231.63.72 netmask 0xffffff00 broadcast 203.231.63.255 SVR2 in the same way.. ******* Problem: 1. LVS dosen't forward http request packet to the real server.. 2. I don't know how FreeBSD(real server) can avoid arp request.. About first problem: Client try to connect 203.231.63.70:80, but LVS doesn't reply to that SYN packet.. There are 2 things that seems odd.. First, When I start up ldirectord, output is like this.. [root@LVS /]# /etc/rc.d/init.d/ldirectord start Starting ldirectord [ OK ] [root@LVS /]# vi /var/log/ldirectord.log ...... [Tue Jan 16 13:47:48 2001..] Starting Linux Director Daemon [Tue Jan 16 13:47:48 2001..] Adding virtual server: 203.231.63.70:80 [Tue Jan 16 13:47:48 2001..] Starting fallback server for: 203.231.63.70:80 [Tue Jan 16 13:47:49 2001..] Adding real server: 203.231.63.71:80 (1*203.231.63.70:80) [Tue Jan 16 13:47:49 2001..] Turning off fallback server for: 203.231.63.70:80 [Tue Jan 16 13:47:49 2001..] system(/sbin/ipvsadm -a -t 203.231.63.70:80 -R 203.231.63.72:80 -g -w 1) failed [Tue Jan 16 13:47:49 2001..] Adding real server: 203.231.63.72:80 (2*203.231.63.70:80) ...... system(/sbin/ipvsadm -a -t 203.231.63.70:80 -R 203.231.63.72:80 -g -w 1) failed **Why this error occured?? What should I do to eliminate this error message?? Second, Here's my ipvsadm output: [root@LVS /]# ipvsadm -L -n IP Virtual Server version 0.9.7 (size=4096) Prot LocalAddress:Port Scheduler Flags -> RemoteAddress:Port Forward Weight ActiveConn InActConn TCP 203.231.63.70:www rr -> 255.255.255.255:52199 Masq 4194304 0 0 Last output line seems wrong,, I think It should look like this.. right? TCP 203.231.63.70:www rr -> 203.231.63.71:80 route 1 0 0 -> 203.231.63.72:80 route 1 0 0 **How can I fix this thing?? Second problem: As you know.. in LVS cluster, real servers should not reply to arp request that asks VIP's MAC address.. Only LVS should reply to that arp request.. I have an idea about it.. Let the real server reply to client's arp request(for VIP) with LVS's hardware address.. then all client's packet that towards VIP go to the LVS.. That's a good idea.. so I commanded like this.. arp -s 203.231.63.70 00:10:5A:76:02:49 pub 203.231.63.70 is VIP and 00:10:5A:76:02:49 is LVS's MAC address.. I got a meessage : set: proxy entry exists for non 802 device without 'pub' flag : set: can only proxy for 203.231.63.70 ***What is this message means?? ***ARP reply with another MAC address is impossible?? ***How can I solve this arp problem?? Thanks in advance.. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Jan 17 1:35:40 2001 Delivered-To: freebsd-net@freebsd.org Received: from mail.rdc1.nj.home.com (ha1.rdc1.nj.home.com [24.3.128.66]) by hub.freebsd.org (Postfix) with ESMTP id DB28037B404 for ; Wed, 17 Jan 2001 01:35:22 -0800 (PST) Received: from home.com ([24.228.40.16]) by mail.rdc1.nj.home.com (InterMail vM.4.01.03.00 201-229-121) with ESMTP id <20010117093522.LNJD14368.mail.rdc1.nj.home.com@home.com> for ; Wed, 17 Jan 2001 01:35:22 -0800 Message-ID: <3A656763.CC1FF016@home.com> Date: Wed, 17 Jan 2001 04:35:31 -0500 From: melik bessaha X-Mailer: Mozilla 4.74 [en] (Win98; U) X-Accept-Language: en MIME-Version: 1.0 To: freebsd-net@freebsd.org Subject: REQ: HELP W/ IP ALIASING Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hello, I am attempting to alias my one physical NIC in my netfinity server. I am using IPFILTER and IPNAT to do this with a static IP on a cable subscription. I am trying to port the connection to one machine in the internal network. Can someone please paste in their rc.conf, ipf.conf, and ipnat.conf so that i can copy info. I cant seem to get things to work properly. I can ping on the server to an outside address, but my subnet machine cant ping out or anything. The IP strucutre is as follows: NIC ip - 24.228.40.14, alias host - 192.168.1.0 (the internal gateway), and 192.168.1..10(the second machine) what should the ifconfig command look like in rc.conf with this info? also, to redirect in ipnat, would the command look like this: map fxp0 192.168.1.0/24 -> 24.228.40.14/32 portmap tcp:udp 10000:60000 map fxp0 192.168.1.0/24 -> 24.228.40.14/32 is this right?? if 192.168.1.0 will act as my gateway for my second machine, what should be the host of the machine? im a bit confused with how aliasing works. ifconfig should look something like this: ifconfig fxp0 alias inet 192.168.1.0/24 route alias -host 192.168.1.0 127.0.0.1 0 is this correct? Thanks to anyone who helps...im really bad at this and want to learn. Many thanks, Mel To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Jan 17 4:27:37 2001 Delivered-To: freebsd-net@freebsd.org Received: from flood.ping.uio.no (flood.ping.uio.no [129.240.78.31]) by hub.freebsd.org (Postfix) with ESMTP id 019AB37B400; Wed, 17 Jan 2001 04:27:17 -0800 (PST) Received: (from des@localhost) by flood.ping.uio.no (8.9.3/8.9.3) id NAA42073; Wed, 17 Jan 2001 13:27:10 +0100 (CET) (envelope-from des@ofug.org) X-URL: http://www.ofug.org/~des/ X-Disclaimer: The views expressed in this message do not necessarily coincide with those of any organisation or company with which I am or have been affiliated. To: Alfred Perlstein Cc: Archie Cobbs , Julian Elischer , Jun Kuriyama , net@FreeBSD.ORG, current@FreeBSD.ORG Subject: Re: HEADSUP! New netgraph code coming References: <200101162138.NAA10547@curve.dellroad.org> <20010116150038.X7240@fw.wintelcom.net> From: Dag-Erling Smorgrav Date: 17 Jan 2001 13:27:09 +0100 In-Reply-To: Alfred Perlstein's message of "Tue, 16 Jan 2001 15:00:38 -0800" Message-ID: Lines: 10 User-Agent: Gnus/5.0802 (Gnus v5.8.2) Emacs/20.4 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Alfred Perlstein writes: > This ought to be documented. A good start would be to add example of MODULE_VERSION and MODULE_DEPEND usage to one of the templates in /usr/share/examples/kld/. DES -- Dag-Erling Smorgrav - des@ofug.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Jan 17 4:28:33 2001 Delivered-To: freebsd-net@freebsd.org Received: from hotmail.com (f44.pav1.hotmail.com [64.4.31.44]) by hub.freebsd.org (Postfix) with ESMTP id 5036137B400 for ; Wed, 17 Jan 2001 04:28:16 -0800 (PST) Received: from mail pickup service by hotmail.com with Microsoft SMTPSVC; Wed, 17 Jan 2001 04:28:16 -0800 Received: from 203.150.154.5 by pv1fd.pav1.hotmail.msn.com with HTTP; Wed, 17 Jan 2001 12:28:15 GMT X-Originating-IP: [203.150.154.5] From: "Mick Nicila" To: chutima_s@zdnetonebox.com Cc: freebsd-net@FreeBSD.ORG Subject: Re: How to send mail on behave of other domains. Date: Wed, 17 Jan 2001 19:28:15 +0700 Mime-Version: 1.0 Content-Type: text/plain; format=flowed Message-ID: X-OriginalArrivalTime: 17 Jan 2001 12:28:16.0039 (UTC) FILETIME=[F759A370:01C08080] Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Dear Chutima, The option to accept or reject mails that have mismatch domains belongs to the remote mail server. Some sites set default to reject for spam blocking. What you can do is to contact the postmaster of those sites. For example, I heard that some free e-mail providers such as GMX rejects mail from aol.com or hotmail.com unless it comes from mail servers of those domains. However, they also allow users to turn on or off this option as they wish. On Tue, 16 Jan 2001, Chutima S. wrote: >Hi > >I setup mail server for our office users send mail to Internet with domain >name YYY.net. But there are some users register their own domain name >XXX.net. They want to send mail out from our mail server. Most of their >mail is OK but there are some mail servers out there reject some mails >from them. Because domain name at Sender field(user@XXX.net) and >Host(mail.YYY.net) >is mismatch. How do I config my sendmail.cf for them can use for send >mail out? > >Thks >Chutima S. > >-- >Chutima Subsirin >chutima_s@zdnetonebox.com - email >(202) 777-2641 ext. 6020 - voicemail/fax > > > >___________________________________________________________________ >To get your own FREE ZDNet Onebox - FREE voicemail, email, and fax, >all in one place - sign up today at http://www.zdnetonebox.com > > > >To Unsubscribe: send mail to majordomo@FreeBSD.org >with "unsubscribe freebsd-net" in the body of the message > _________________________________________________________________________ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Jan 17 6:53:28 2001 Delivered-To: freebsd-net@freebsd.org Received: from virtual.sysadmin-inc.com (lists.sysadmin-inc.com [209.16.228.140]) by hub.freebsd.org (Postfix) with ESMTP id 92F6837B404 for ; Wed, 17 Jan 2001 06:53:10 -0800 (PST) Received: from wkst ([209.16.228.145]) by virtual.sysadmin-inc.com (8.9.1/8.9.1) with SMTP id JAA04958 for ; Wed, 17 Jan 2001 09:53:41 -0500 Reply-To: From: "Peter Brezny" To: Subject: Redundant connections from separate isp's possible? Date: Wed, 17 Jan 2001 09:52:19 -0800 Message-ID: <001701c080ae$3d1931a0$46010a0a@sysadmininc.com> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook CWS, Build 9.0.2416 (9.0.2911.0) X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2919.6600 Importance: Normal Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org We're a small web hosting company wanting to have multiple routes from separate isp's coming into the webservers from the outside so that if one connection goes down, the other connection can still reach the servers. Can this be done? Is this possible with freebsd as the router? Are there better options from cisco et. al.? I searched the -net mail list archives and found a lot about load balancing multiple servers so one didn't get overloaded, but that's not our problem. We want multiple load balanced connections from the internet into the same server/network. Can this be done with separate isp's? or am I asking for trouble? we currently have a single t1 and are looking at a 2.5 mbit DSL line to augment/backup the t1. of course a different provider means a different network range allocated to us. And here is where things get fuzzy for me. What do i tell internic?...ns1 -->network range 1, ns2 -->network range 2 and have the name server hold an IP from each isp's network range? Thanks for your comments/suggestions. Peter Brezny SysAdmin Services Inc. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Jan 17 6:59:33 2001 Delivered-To: freebsd-net@freebsd.org Received: from mailman.thenap.com (mailman.thenap.com [209.190.0.10]) by hub.freebsd.org (Postfix) with ESMTP id CEAA037B401 for ; Wed, 17 Jan 2001 06:59:11 -0800 (PST) Received: by mailman.thenap.com with Internet Mail Service (5.5.2650.21) id ; Wed, 17 Jan 2001 10:10:38 -0500 Message-ID: From: "Drew J. Weaver" To: "'peter@sysadmin-inc.com'" , freebsd-net@freebsd.org Subject: RE: Redundant connections from separate isp's possible? Date: Wed, 17 Jan 2001 10:10:37 -0500 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2650.21) Content-Type: multipart/alternative; boundary="----_=_NextPart_001_01C08097.A59C65E2" Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org This message is in MIME format. Since your mail reader does not understand this format, some or all of this message may not be legible. ------_=_NextPart_001_01C08097.A59C65E2 Content-Type: text/plain; charset="iso-8859-1" I believe what you're talking about is refered to as BGP or Sonnet routing, but i'm not sure, I know it is possible because we have 5 or 6 backbone providers on our Network. -Drew -----Original Message----- From: Peter Brezny [mailto:peter@sysadmin-inc.com] Sent: Wednesday, January 17, 2001 12:52 PM To: freebsd-net@freebsd.org Subject: Redundant connections from separate isp's possible? We're a small web hosting company wanting to have multiple routes from separate isp's coming into the webservers from the outside so that if one connection goes down, the other connection can still reach the servers. Can this be done? Is this possible with freebsd as the router? Are there better options from cisco et. al.? I searched the -net mail list archives and found a lot about load balancing multiple servers so one didn't get overloaded, but that's not our problem. We want multiple load balanced connections from the internet into the same server/network. Can this be done with separate isp's? or am I asking for trouble? we currently have a single t1 and are looking at a 2.5 mbit DSL line to augment/backup the t1. of course a different provider means a different network range allocated to us. And here is where things get fuzzy for me. What do i tell internic?...ns1 -->network range 1, ns2 -->network range 2 and have the name server hold an IP from each isp's network range? Thanks for your comments/suggestions. Peter Brezny SysAdmin Services Inc. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message ------_=_NextPart_001_01C08097.A59C65E2 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable RE: Redundant connections from separate isp's possible?

        I believe = what you're talking about is refered to as BGP or Sonnet routing, but = i'm not sure, I know it is possible because we have 5 or 6 backbone = providers on our Network.

-Drew


-----Original Message-----
From: Peter Brezny [mailto:peter@sysadmin-inc.com= ]
Sent: Wednesday, January 17, 2001 12:52 PM
To: freebsd-net@freebsd.org
Subject: Redundant connections from separate isp's = possible?


We're a small web hosting company wanting to have = multiple routes from
separate isp's coming into the webservers from the = outside so that if one
connection goes down, the other connection can still = reach the servers.

Can this be done?  Is this possible with freebsd = as the router?  Are there
better options from cisco et. al.?

I searched the -net mail list archives and found a = lot about load balancing
multiple servers so one didn't get overloaded, but = that's not our problem.
We want multiple load balanced connections from the = internet into the same
server/network.

Can this be done with separate isp's? or am I asking = for trouble?  we
currently have a single t1 and are looking at a 2.5 = mbit DSL line to
augment/backup the t1.  of course a different = provider means a different
network range allocated to us.  And here is = where things get fuzzy for me.
What do i tell internic?...ns1 -->network range = 1, ns2 -->network range 2
and have the name server hold an IP from each isp's = network range?

Thanks for your comments/suggestions.

Peter Brezny
SysAdmin Services Inc.



To Unsubscribe: send mail to = majordomo@FreeBSD.org
with "unsubscribe freebsd-net" in the body = of the message

------_=_NextPart_001_01C08097.A59C65E2-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Jan 17 7:12:10 2001 Delivered-To: freebsd-net@freebsd.org Received: from atro.pine.nl (atro.pine.nl [213.156.0.2]) by hub.freebsd.org (Postfix) with ESMTP id A5B2937B400 for ; Wed, 17 Jan 2001 07:11:52 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by atro.pine.nl (8.11.1/8.11.1) with ESMTP id f0HFBma03403; Wed, 17 Jan 2001 16:11:49 +0100 (MET) Date: Wed, 17 Jan 2001 16:11:48 +0100 (MET) From: Mark Lastdrager To: Peter Brezny Cc: Subject: Re: Redundant connections from separate isp's possible? In-Reply-To: <001701c080ae$3d1931a0$46010a0a@sysadmininc.com> Message-ID: X-NCC-RegID: nl.pine MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org At Wed, 17 Jan 2001, owner-freebsd-net@FreeBSD.ORG wrote: >We're a small web hosting company wanting to have multiple routes from >separate isp's coming into the webservers from the outside so that if one >connection goes down, the other connection can still reach the servers. > >Can this be done? Is this possible with freebsd as the router? Are there >better options from cisco et. al.? > >I searched the -net mail list archives and found a lot about load balancing >multiple servers so one didn't get overloaded, but that's not our problem. >We want multiple load balanced connections from the internet into the same >server/network. > >Can this be done with separate isp's? or am I asking for trouble? we >currently have a single t1 and are looking at a 2.5 mbit DSL line to >augment/backup the t1. of course a different provider means a different >network range allocated to us. And here is where things get fuzzy for me. >What do i tell internic?...ns1 -->network range 1, ns2 -->network range 2 >and have the name server hold an IP from each isp's network range? You'll need at least two ISP's, your own IP addresses, an ASN and lots of clue ;-) See http://www.netaxs.com/~freedman/bgp/bgp.html for more info about BGP4. This can be done using FreeBSD and zebra (/usr/ports/net/zebra). Mark Lastdrager -- Pine Internet BV :: tel. +31-70-3111010 :: fax. +31-70-3111011 PGP 92BB81D1 fingerprint 0059 7D7B C02B 38D2 A853 2785 8C87 3AF1 Today's excuse: Domain controler not responding To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Jan 17 7:30: 8 2001 Delivered-To: freebsd-net@freebsd.org Received: from rapidnet.com (rapidnet.com [205.164.216.1]) by hub.freebsd.org (Postfix) with ESMTP id 9750537B400 for ; Wed, 17 Jan 2001 07:29:46 -0800 (PST) Received: from localhost (nick@localhost) by rapidnet.com (8.9.3/8.9.3) with ESMTP id IAA66222; Wed, 17 Jan 2001 08:29:43 -0700 (MST) Date: Wed, 17 Jan 2001 08:29:43 -0700 (MST) From: Nick Rogness To: Peter Brezny Cc: freebsd-net@freebsd.org Subject: Re: Redundant connections from separate isp's possible? In-Reply-To: <001701c080ae$3d1931a0$46010a0a@sysadmininc.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Wed, 17 Jan 2001, Peter Brezny wrote: > We're a small web hosting company wanting to have multiple routes from > separate isp's coming into the webservers from the outside so that if one > connection goes down, the other connection can still reach the servers. > > Can this be done? Is this possible with freebsd as the router? Are there > better options from cisco et. al.? > > I searched the -net mail list archives and found a lot about load balancing > multiple servers so one didn't get overloaded, but that's not our problem. > We want multiple load balanced connections from the internet into the same > server/network. > > Can this be done with separate isp's? or am I asking for trouble? we > currently have a single t1 and are looking at a 2.5 mbit DSL line to > augment/backup the t1. of course a different provider means a different > network range allocated to us. And here is where things get fuzzy for me. > What do i tell internic?...ns1 -->network range 1, ns2 -->network range 2 > and have the name server hold an IP from each isp's network range? > > Thanks for your comments/suggestions. > > Peter Brezny > SysAdmin Services Inc. > What you need to use is BGP (Border Gateway Protcol) which is a routing protocol used on the Internet Backbone. It is used to handle routing across different autonomous systems (AS). I do not recommend using FreebSD to do this, but it can using either gated or another routing daemon. You do not need to do anything with internic regarding your IP space. However, using BGP is not an easy task and requires a lot of work with your upstream providers. It is one of those things that if you screw up, the rest of the internet suffers (Which has happened before). For a reference ,check out "Internet Routing Architectures" by Halabi. It is a great book and is pretty much the BIBLE when talking about BGP. Nick Rogness - Drive defensively. Buy a tank. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Jan 17 8:44:30 2001 Delivered-To: freebsd-net@freebsd.org Received: from fw.wintelcom.net (ns1.wintelcom.net [209.1.153.20]) by hub.freebsd.org (Postfix) with ESMTP id 1DA9337B401; Wed, 17 Jan 2001 08:44:12 -0800 (PST) Received: (from bright@localhost) by fw.wintelcom.net (8.10.0/8.10.0) id f0HGi5n22185; Wed, 17 Jan 2001 08:44:05 -0800 (PST) Date: Wed, 17 Jan 2001 08:44:05 -0800 From: Alfred Perlstein To: Dag-Erling Smorgrav Cc: Archie Cobbs , Julian Elischer , Jun Kuriyama , net@FreeBSD.ORG, current@FreeBSD.ORG Subject: Re: HEADSUP! New netgraph code coming Message-ID: <20010117084404.L7240@fw.wintelcom.net> References: <200101162138.NAA10547@curve.dellroad.org> <20010116150038.X7240@fw.wintelcom.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: ; from des@ofug.org on Wed, Jan 17, 2001 at 01:27:09PM +0100 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org * Dag-Erling Smorgrav [010117 04:27] wrote: > Alfred Perlstein writes: > > This ought to be documented. > > A good start would be to add example of MODULE_VERSION and > MODULE_DEPEND usage to one of the templates in > /usr/share/examples/kld/. Since I have no clue as to how they work, it'll have to wait until someone who knows how it works does it or I have the time to UTSL. -- -Alfred Perlstein - [bright@wintelcom.net|alfred@freebsd.org] "I have the heart of a child; I keep it in a jar on my desk." To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Jan 17 8:51:25 2001 Delivered-To: freebsd-net@freebsd.org Received: from flood.ping.uio.no (flood.ping.uio.no [129.240.78.31]) by hub.freebsd.org (Postfix) with ESMTP id 5A0E237B400; Wed, 17 Jan 2001 08:51:04 -0800 (PST) Received: (from des@localhost) by flood.ping.uio.no (8.9.3/8.9.3) id RAA43088; Wed, 17 Jan 2001 17:51:00 +0100 (CET) (envelope-from des@ofug.org) X-URL: http://www.ofug.org/~des/ X-Disclaimer: The views expressed in this message do not necessarily coincide with those of any organisation or company with which I am or have been affiliated. To: Alfred Perlstein Cc: Archie Cobbs , Julian Elischer , Jun Kuriyama , net@FreeBSD.ORG, current@FreeBSD.ORG Subject: Re: HEADSUP! New netgraph code coming References: <200101162138.NAA10547@curve.dellroad.org> <20010116150038.X7240@fw.wintelcom.net> <20010117084404.L7240@fw.wintelcom.net> From: Dag-Erling Smorgrav Date: 17 Jan 2001 17:50:59 +0100 In-Reply-To: Alfred Perlstein's message of "Wed, 17 Jan 2001 08:44:05 -0800" Message-ID: Lines: 18 User-Agent: Gnus/5.0802 (Gnus v5.8.2) Emacs/20.4 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Alfred Perlstein writes: > Since I have no clue as to how they work, it'll have to wait until > someone who knows how it works does it or I have the time to UTSL. MODULE_VERSION(module, version); module is the name of your module. version is the integer version number of your module. MODULE_DEPEND(module, mdepend, vmin, vpref, vmax); mdpepend is the name of the module your module depends on. vmin, vpref, vmac are the minimum, maximum and preferred versions of the module your module depends on. DES -- Dag-Erling Smorgrav - des@ofug.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Jan 17 9:34:38 2001 Delivered-To: freebsd-net@freebsd.org Received: from anubis.ecci.ucr.ac.cr (anubis.ecci.ucr.ac.cr [163.178.104.133]) by hub.freebsd.org (Postfix) with ESMTP id EB5E137B400; Wed, 17 Jan 2001 09:34:06 -0800 (PST) Received: from localhost (bsolano@localhost) by anubis.ecci.ucr.ac.cr (8.9.3+Sun/8.9.1) with ESMTP id LAA16874; Wed, 17 Jan 2001 11:34:38 -0600 (CST) Date: Wed, 17 Jan 2001 11:34:38 -0600 (CST) From: =?iso-8859-1?Q?Braulio_Jos=E9_Solano_Rojas?= X-Sender: bsolano@anubis To: freebsd-hackers@freebsd.org, freebsd-net@freebsd.org Subject: I have found an error in pccard_ether and I think I solved it. Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hello! I have FreeBSD 4.1 release. My computer is a laptop, so I use pccards. I found that with /stand/sysinstall the lan can be configured automatically, but for pccards it doesn't work. So, after a debugging of the scripts (just because I like automation and ease of use) I found a mistake in /etc/pccard_ether. I have changed the line 43 and added a new line before, so that line 43 is now line 44. This is the line 43 (the new line 44) after my changes: ' ifconfig ${interface} ${configuration} $* ' And this is the line I added before the line 43 (the new line 43): ' eval configuration=\$ifconfig_${interface} ' I don't now if this problem has been solved before sending this email, but my hope is that I can help. Please, forgive my english. Sincerely yours, Braulio Jose Solano To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Jan 17 12:23:50 2001 Delivered-To: freebsd-net@freebsd.org Received: from krell.webweaver.net (krell.webweaver.net [64.124.90.11]) by hub.freebsd.org (Postfix) with ESMTP id 486EC37B404; Wed, 17 Jan 2001 12:23:30 -0800 (PST) Received: from xwin.nmhtech.com (xwin.daemontech.net [208.138.46.161]) by krell.webweaver.net (Postfix) with ESMTP id E51C720F04; Wed, 17 Jan 2001 12:23:29 -0800 (PST) Content-Length: 1290 Message-ID: X-Mailer: XFMail 1.4.0 on FreeBSD X-Priority: 3 (Normal) Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 8bit MIME-Version: 1.0 Date: Wed, 17 Jan 2001 12:23:29 -0800 (PST) From: Nicole To: freebsd-isp@freebsd.org, freebsd-net@freebsd.org Subject: nfs server not responding - is alive again Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hi Could anyone tell me please why I would receive these messages and what I can do to help avoid them? The servers are not that busy and the NFS connection is on a private 10.0 interconnect between the servers, yet I still get these now and again. Thanks! Nicole > nfs server c1.pic.com:/home/web/WWW: not responding > nfs server c1.pic.com:/home/web/WWW: is alive again > nfs server c1.pic.com:/home/web/WWW: not responding > nfs server c1.pic.com:/home/web/WWW: is alive again > nfs server c1.pic.com:/home/web/WWW: not responding > nfs server c1.pic.com:/home/web/WWW: is alive again > nfs server c1.pic.com:/home/web/WWW: not responding > nfs server c1.pic.com:/home/web/WWW: is alive again nicole@unixgirl.com |\ __ /| (`\ http://www.unixgirl.com/ webmistress@dangermouse.org | o_o |__ ) ) http://www.dangermouse.org/ nicole@deviantimages.com // \\ http://www.deviantimages.com/ ---------------------------(((---(((---------------------------------------- -- Powered by Coka-Cola and FreeBSD -- -- I don't speak for anybody but myself - that's enough trouble -- -- Back Up My Hard Drive? I Can't Find The Reverse Switch! -- ------------------------------------------------------------------------- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Jan 17 12:33:34 2001 Delivered-To: freebsd-net@freebsd.org Received: from fw.wintelcom.net (ns1.wintelcom.net [209.1.153.20]) by hub.freebsd.org (Postfix) with ESMTP id AA18537B69C; Wed, 17 Jan 2001 12:33:12 -0800 (PST) Received: (from bright@localhost) by fw.wintelcom.net (8.10.0/8.10.0) id f0HKXCB00257; Wed, 17 Jan 2001 12:33:12 -0800 (PST) Date: Wed, 17 Jan 2001 12:33:12 -0800 From: Alfred Perlstein To: Nicole Cc: freebsd-isp@FreeBSD.ORG, freebsd-net@FreeBSD.ORG Subject: Re: nfs server not responding - is alive again Message-ID: <20010117123311.A7240@fw.wintelcom.net> References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: ; from nicole@unixgirl.com on Wed, Jan 17, 2001 at 12:23:29PM -0800 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org * Nicole [010117 12:25] wrote: > > Hi > Could anyone tell me please why I would receive these messages and what I can > do to help avoid them? > The servers are not that busy and the NFS connection is on a private 10.0 > interconnect between the servers, yet I still get these now and again. NFS sometimes gets a bit picky about the time to return a response, don't worry about it unless you're experiencing hangs or other problems. It's just telling you that there's a fraction of second of lag happening. -- -Alfred Perlstein - [bright@wintelcom.net|alfred@freebsd.org] "I have the heart of a child; I keep it in a jar on my desk." To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Jan 17 14:32:16 2001 Delivered-To: freebsd-net@freebsd.org Received: from corleone.idealab.com (mx2.idealab.com [64.208.8.4]) by hub.freebsd.org (Postfix) with SMTP id A671B37B400 for ; Wed, 17 Jan 2001 14:31:59 -0800 (PST) Received: (qmail 4857 invoked by alias); 17 Jan 2001 22:31:59 -0000 Received: (qmail 4816 invoked from network); 17 Jan 2001 22:31:58 -0000 Received: from unknown (HELO DOUBLEWIDE.compete.com) (10.5.2.17) by corleone.idealab.com with SMTP; 17 Jan 2001 22:31:58 -0000 Message-Id: <4.3.2.7.2.20010117171651.00b34e08@pop.idealab.com> X-Sender: chris.snell@pop.idealab.com X-Mailer: QUALCOMM Windows Eudora Version 4.3.2 Date: Wed, 17 Jan 2001 17:31:57 -0500 To: freebsd-net@freebsd.org From: Chris Snell Subject: SysKonnect full-duplex problems Cc: wpaul@skynet.ctr.columbia.edu Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hi, We're having problems getting our SysKonnect cards to function in full-duplex mode under FreeBSD on our gigabit ethernet environment. The switch port, on an Extreme Networks 7i, is set to auto-negotiate at 1000Mbit. Here's the problem: If we boot the systems up without any media options set, ifconfig reports them as running at 1000Mbit in half-duplex mode and the switch reports them to be in full-duplex mode. Nevertheless, they *do* function this way, though performance is less than expected. However, if we instruct ifconfig to configure them in full-duplex mode, they do not function at all. When the cards are set in full-duplex, we don't even get a link light and the switch does not register a link, either. Does anyone have any ideas? Here's our setup: FreeBSD 4.2-STABLE, kernel-land is tracking -STABLE up to 2:00pm EST today. user-land is at 4.2-STABLE release. skc0: port 0x2800-0x28ff mem 0xf4000000-0xf4003fff irq 16 at device 16.0 on pci0 skc0: SysKonnect SK-NET Gigabit Ethernet Adapter SK-9843 SX sk0: on skc0 sk0: Ethernet address: 00:00:5a:99:53:80 CPU: Pentium III/Pentium III Xeon/Celeron (796.54-MHz 686-class CPU) Extreme Summit 7i firmware info: Image : Extremeware Version 6.1.5 (Build 20) by Release_Master Sat 09/23/2000 6:56p thanks in advance, Chris To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Jan 17 17:33:52 2001 Delivered-To: freebsd-net@freebsd.org Received: from iguana.aciri.org (iguana.aciri.org [192.150.187.36]) by hub.freebsd.org (Postfix) with ESMTP id 4720A37B400 for ; Wed, 17 Jan 2001 17:33:36 -0800 (PST) Received: (from rizzo@localhost) by iguana.aciri.org (8.11.1/8.11.1) id f0I1XME59525; Wed, 17 Jan 2001 17:33:22 -0800 (PST) (envelope-from rizzo) From: Luigi Rizzo Message-Id: <200101180133.f0I1XME59525@iguana.aciri.org> Subject: Re: Bridging-Firewall/bandwith limit problem In-Reply-To: from Mark Lastdrager at "Jan 16, 2001 10:49:13 pm" To: mark@pine.nl (Mark Lastdrager) Date: Wed, 17 Jan 2001 17:33:22 -0800 (PST) Cc: ted@wiz.plymouth.edu, freebsd-net@FreeBSD.ORG X-Mailer: ELM [version 2.4ME+ PL43 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > We had exactly the same problem with 4.1-STABLE or 4.0-STABLE (don't > remember) a while ago. A 'downgrade' to 3.4-RELEASE fixed it, 3.4-STABLE > had the same problem. > > Not much of a solution, but it may be helpful for the developers. again i have not been able to reproduce the problem, but i have just committed some code to RELENG_4 to at least detect, log and obviate to the stalls. I'd be grateful if you could give a try to the new code. cheers luigi To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Jan 17 20:59:15 2001 Delivered-To: freebsd-net@freebsd.org Received: from tomts6-srv.bellnexxia.net (smtp.bellnexxia.net [209.226.175.26]) by hub.freebsd.org (Postfix) with ESMTP id AB41137B400 for ; Wed, 17 Jan 2001 20:58:58 -0800 (PST) Received: from johnny2k ([64.229.51.249]) by tomts6-srv.bellnexxia.net (InterMail vM.4.01.03.00 201-229-121) with SMTP id <20010118045857.UTVI6201.tomts6-srv.bellnexxia.net@johnny2k> for ; Wed, 17 Jan 2001 23:58:57 -0500 Message-ID: <002101c0810b$62017560$f933e540@johnny2k> From: "John Telford" To: Subject: Multiple ISP's for outgoing. (or the opposite of P. Brezny's ?) Date: Wed, 17 Jan 2001 23:59:05 -0500 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.00.2919.6700 X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2919.6700 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Is there a way to do the opposite of Peter Brezny's question "Redundant connections from separate isp's possible?" He had muliple incoming connections to his Web servers. I have 2 ISP's but almost all of my traffic is from the inside out, employee browsing, ftp downloads. Can (should?) I use a Freebsd box to balance/route the traffic through the 2 connections ? How difficult would it be to setup ? Thanks in advance. John Telford. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Jan 18 3:27:27 2001 Delivered-To: freebsd-net@freebsd.org Received: from mailout00.sul.t-online.com (mailout00.sul.t-online.com [194.25.134.16]) by hub.freebsd.org (Postfix) with ESMTP id 35DAA37B69F for ; Thu, 18 Jan 2001 03:27:10 -0800 (PST) Received: from fwd05.sul.t-online.com by mailout00.sul.t-online.com with smtp id 14JDDg-0005Vw-04; Thu, 18 Jan 2001 12:27:08 +0100 Received: from ramses.local (320080844193-0001@[217.2.172.239]) by fmrl05.sul.t-online.com with esmtp id 14JDDQ-0VSAqmC; Thu, 18 Jan 2001 12:26:52 +0100 Received: from haribeau by ramses.local with local (Exim 3.12 #1 (Debian)) id 14JEAw-0000HP-00 for ; Thu, 18 Jan 2001 13:28:22 +0100 Date: Thu, 18 Jan 2001 13:28:22 +0100 From: Clemens Hermann To: BSD NET-List Subject: Dummynet-ipfw: Invalid Argument Message-ID: <20010118132822.A1040@ramses.local> Mail-Followup-To: Clemens Hermann , BSD NET-List Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i X-Mailer: Mutt 1.2.5i (Linux 2.2.17 i586) X-Sender: 320080844193-0001@t-dialin.net Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hi, I want to use ipfw & dummynet. I recompiled the kernel accordingly (options DUMMYNET is in) and the firewall works. But as soon as I try to set a pipe according to the manpage like this: ipfw add pipe 1 ip from any to any out I get the following error: ipfw: getsockopt(IP_FW_ADD): Invalid argument if I set firewall rules It works perfect, just Dummynet pipes cause problems. I am using FreBSD 4.2 thanks for any hint /ch To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Jan 18 3:37: 0 2001 Delivered-To: freebsd-net@freebsd.org Received: from csunb0.leeds.ac.uk (csunb0.leeds.ac.uk [129.11.144.2]) by hub.freebsd.org (Postfix) with SMTP id 84DCE37B6A3 for ; Thu, 18 Jan 2001 03:36:42 -0800 (PST) Received: from cslin.leeds.ac.uk (csunc0.leeds.ac.uk [129.11.144.3]) by csunb0.leeds.ac.uk (8.6.12/8.6.12) with ESMTP id LAA17244 for ; Thu, 18 Jan 2001 11:34:54 GMT Received: from cslin009.leeds.ac.uk (cslin009 [129.11.146.9]) by cslin.leeds.ac.uk (8.9.3+Sun/) with ESMTP id LAA17040 for ; Thu, 18 Jan 2001 11:34:54 GMT Date: Thu, 18 Jan 2001 11:34:54 +0000 From: Ben Smithurst To: freebsd-net@FreeBSD.org Subject: manual page review: connect(2) EAGAIN error Message-ID: <20010118113453.A25127@comp.leeds.ac.uk> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Does this look reasonable to people? Based on http://www.FreeBSD.org/cgi/query-pr.cgi?pr=24125 --- connect.2 2000/11/22 16:01:11 1.14 +++ connect.2 2001/01/18 11:28:14 @@ -142,6 +142,13 @@ The socket is non-blocking and a previous connection attempt has not yet been completed. +.It Bq Er EAGAIN +A resource was temporarily unavailable. +This could indicate there are no port numbers available for use when a port +number is being chosen automatically. +Increasing the +.Va net.inet.ip.portrange.last +(which defaults to 5000) may help this problem. .El .Pp The following errors are specific to connecting names in the UNIX domain. -- Ben Smithurst / csxbcs@comp.leeds.ac.uk / ben@FreeBSD.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Jan 18 3:57: 0 2001 Delivered-To: freebsd-net@freebsd.org Received: from csunb0.leeds.ac.uk (csunb0.leeds.ac.uk [129.11.144.2]) by hub.freebsd.org (Postfix) with SMTP id F35DB37B400 for ; Thu, 18 Jan 2001 03:56:42 -0800 (PST) Received: from cslin.leeds.ac.uk (csunc0.leeds.ac.uk [129.11.144.3]) by csunb0.leeds.ac.uk (8.6.12/8.6.12) with ESMTP id LAA18065 for ; Thu, 18 Jan 2001 11:51:56 GMT Received: from cslin009.leeds.ac.uk (cslin009 [129.11.146.9]) by cslin.leeds.ac.uk (8.9.3+Sun/) with ESMTP id LAA18282 for ; Thu, 18 Jan 2001 11:51:56 GMT Date: Thu, 18 Jan 2001 11:51:55 +0000 From: Ben Smithurst To: freebsd-net@FreeBSD.org Subject: Re: manual page review: connect(2) EAGAIN error Message-ID: <20010118115155.B25127@comp.leeds.ac.uk> References: <20010118113453.A25127@comp.leeds.ac.uk> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20010118113453.A25127@comp.leeds.ac.uk> Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Ben Smithurst wrote: > +This could indicate there are no port numbers available for use when a port > +number is being chosen automatically. > +Increasing the > +.Va net.inet.ip.portrange.last +sysctl variable > +(which defaults to 5000) may help this problem. oops. -- Ben Smithurst / csxbcs@comp.leeds.ac.uk / ben@FreeBSD.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Jan 18 5:15:23 2001 Delivered-To: freebsd-net@freebsd.org Received: from ra.upan.org (upan.org [204.107.76.19]) by hub.freebsd.org (Postfix) with ESMTP id 3561B37B400 for ; Thu, 18 Jan 2001 05:15:06 -0800 (PST) Received: from ocsinternet.com (localhost.upan.org [127.0.0.1]) by ra.upan.org (8.11.1/8.11.1) with ESMTP id f0I8FQn39531; Thu, 18 Jan 2001 08:15:27 GMT (envelope-from mikel@ocsinternet.com) Message-ID: <3A66A61E.EA508907@ocsinternet.com> Date: Thu, 18 Jan 2001 08:15:26 +0000 From: Mikel King X-Mailer: Mozilla 4.76 [en] (X11; U; FreeBSD 4.2-RELEASE i386) X-Accept-Language: en MIME-Version: 1.0 To: John Telford Cc: freebsd-net@FreeBSD.ORG Subject: Re: Multiple ISP's for outgoing. (or the opposite of P. Brezny's ?) References: <002101c0810b$62017560$f933e540@johnny2k> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org I would. In fact my company has plans to do that very same thing in the near future...hopefully with BGP... cheers, mikel John Telford wrote: > Is there a way to do the opposite of Peter Brezny's question "Redundant > connections from separate isp's possible?" He had muliple incoming > connections to his Web servers. > I have 2 ISP's but almost all of my traffic is from the inside out, employee > browsing, ftp downloads. Can (should?) I use a Freebsd box to balance/route > the traffic through the 2 connections ? How difficult would it be to setup ? > > Thanks in advance. > John Telford. > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-net" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Jan 18 7:43:39 2001 Delivered-To: freebsd-net@freebsd.org Received: from khavrinen.lcs.mit.edu (khavrinen.lcs.mit.edu [18.24.4.193]) by hub.freebsd.org (Postfix) with ESMTP id BBDDE37B400 for ; Thu, 18 Jan 2001 07:43:17 -0800 (PST) Received: (from wollman@localhost) by khavrinen.lcs.mit.edu (8.9.3/8.9.3) id KAA29005; Thu, 18 Jan 2001 10:43:03 -0500 (EST) (envelope-from wollman) Date: Thu, 18 Jan 2001 10:43:03 -0500 (EST) From: Garrett Wollman Message-Id: <200101181543.KAA29005@khavrinen.lcs.mit.edu> To: Ben Smithurst Cc: freebsd-net@FreeBSD.ORG Subject: manual page review: connect(2) EAGAIN error In-Reply-To: <20010118113453.A25127@comp.leeds.ac.uk> References: <20010118113453.A25127@comp.leeds.ac.uk> Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org < said: > Does this look reasonable to people? Based on > http://www.FreeBSD.org/cgi/query-pr.cgi?pr=24125 > +.It Bq Er EAGAIN > +A resource was temporarily unavailable. > +This could indicate there are no port numbers available for use when a port > +number is being chosen automatically. If this is the actual error being returned, then the code is wrong. The correct (as defined in XNSv4.2 and POSIX.1-200x) error is [EADDRNOTAVAIL]. (The definition of bind() reinforces this requirement.) [EAGAIN] is equivalent to the traditional BSD [EWOULDBLOCK], and might be used for connects in non-blocking mode. The new specification requires [EINPROGRESS] as the return value for a non-blocking connect, and [EALREADY] for connect on an already-connected socket. -GAWollman To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Jan 18 7:47:22 2001 Delivered-To: freebsd-net@freebsd.org Received: from khavrinen.lcs.mit.edu (khavrinen.lcs.mit.edu [18.24.4.193]) by hub.freebsd.org (Postfix) with ESMTP id 189AF37B401; Thu, 18 Jan 2001 07:47:05 -0800 (PST) Received: (from wollman@localhost) by khavrinen.lcs.mit.edu (8.9.3/8.9.3) id KAA29035; Thu, 18 Jan 2001 10:47:00 -0500 (EST) (envelope-from wollman) Date: Thu, 18 Jan 2001 10:47:00 -0500 (EST) From: Garrett Wollman Message-Id: <200101181547.KAA29035@khavrinen.lcs.mit.edu> To: Ben Smithurst Cc: freebsd-net@FreeBSD.ORG, ru@FreeBSD.ORG Subject: Re: manual page review: connect(2) EAGAIN error In-Reply-To: <20010118115155.B25127@comp.leeds.ac.uk> References: <20010118113453.A25127@comp.leeds.ac.uk> <20010118115155.B25127@comp.leeds.ac.uk> Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org < said: >> +Increasing the >> +.Va net.inet.ip.portrange.last > +sysctl variable >> +(which defaults to 5000) may help this problem. We really should define a special markup for these so that it is not necessary to so frequently repeat this. POSIX uses {braces} for potentially-configurable system parameters such as {NGROUPS_MAX} or {PATH_MAX}. I think sysctl(8) nodes are of a similar flavor, so perhaps all we need is a macro for braces (which we already have) and a .Er/.Dv analogue, call it .Sc or something like that. -GAWollman To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Jan 18 7:52:36 2001 Delivered-To: freebsd-net@freebsd.org Received: from rapidnet.com (rapidnet.com [205.164.216.1]) by hub.freebsd.org (Postfix) with ESMTP id BC72837B401 for ; Thu, 18 Jan 2001 07:52:19 -0800 (PST) Received: from localhost (nick@localhost) by rapidnet.com (8.9.3/8.9.3) with ESMTP id IAA74896; Thu, 18 Jan 2001 08:52:17 -0700 (MST) Date: Thu, 18 Jan 2001 08:52:16 -0700 (MST) From: Nick Rogness To: John Telford Cc: freebsd-net@freebsd.org Subject: Re: Multiple ISP's for outgoing. (or the opposite of P. Brezny's ?) In-Reply-To: <002101c0810b$62017560$f933e540@johnny2k> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Wed, 17 Jan 2001, John Telford wrote: > Is there a way to do the opposite of Peter Brezny's question "Redundant > connections from separate isp's possible?" He had muliple incoming > connections to his Web servers. > I have 2 ISP's but almost all of my traffic is from the inside out, employee > browsing, ftp downloads. Can (should?) I use a Freebsd box to balance/route > the traffic through the 2 connections ? How difficult would it be to setup ? You SHOULD be able to perform this operation with routing via a routing daemon. Your problem is actually the same as what Peter's problem is...your just looking at it differently. Technical feasiblity will rely a lot on what your network looks like and what your providers are willing to do for you. Load balancing will be a tad more difficult than just redundant routing. These answers are all relative to how you are connected and what your network looks like. Most likely, BGP will be your answer. Best of luck. Nick Rogness - Drive defensively. Buy a tank. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Jan 18 8: 6: 7 2001 Delivered-To: freebsd-net@freebsd.org Received: from whale.sunbay.crimea.ua (whale.sunbay.crimea.ua [212.110.138.65]) by hub.freebsd.org (Postfix) with ESMTP id 0429537B402 for ; Thu, 18 Jan 2001 08:05:46 -0800 (PST) Received: (from ru@localhost) by whale.sunbay.crimea.ua (8.11.0/8.11.0) id f0IG3XV90300; Thu, 18 Jan 2001 18:03:33 +0200 (EET) (envelope-from ru) Date: Thu, 18 Jan 2001 18:03:33 +0200 From: Ruslan Ermilov To: Garrett Wollman Cc: Ben Smithurst , freebsd-net@FreeBSD.ORG Subject: Re: manual page review: connect(2) EAGAIN error Message-ID: <20010118180333.A89516@sunbay.com> Mail-Followup-To: Garrett Wollman , Ben Smithurst , freebsd-net@FreeBSD.ORG References: <20010118113453.A25127@comp.leeds.ac.uk> <20010118115155.B25127@comp.leeds.ac.uk> <200101181547.KAA29035@khavrinen.lcs.mit.edu> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <200101181547.KAA29035@khavrinen.lcs.mit.edu>; from wollman@khavrinen.lcs.mit.edu on Thu, Jan 18, 2001 at 10:47:00AM -0500 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Thu, Jan 18, 2001 at 10:47:00AM -0500, Garrett Wollman wrote: > < said: > > >> +Increasing the > >> +.Va net.inet.ip.portrange.last > > +sysctl variable > >> +(which defaults to 5000) may help this problem. > > We really should define a special markup for these so that it is not > necessary to so frequently repeat this. > > POSIX uses {braces} for potentially-configurable system parameters > such as {NGROUPS_MAX} or {PATH_MAX}. I think sysctl(8) nodes are of > a similar flavor, so perhaps all we need is a macro for braces (which > we already have) and a .Er/.Dv analogue, call it .Sc or something like > that. > The {braces} macro is only provided in mdocNG as .Brq or .Bro/.Brc pair. mdoc(7) already has the .Va (generic) macro for variables. So I think the ``.Brq Va sysctl.variable'' should be used. Why introduce .Sc? Cheers, -- Ruslan Ermilov Oracle Developer/DBA, ru@sunbay.com Sunbay Software AG, ru@FreeBSD.org FreeBSD committer, +380.652.512.251 Simferopol, Ukraine http://www.FreeBSD.org The Power To Serve http://www.oracle.com Enabling The Information Age To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Jan 18 8:27:54 2001 Delivered-To: freebsd-net@freebsd.org Received: from khavrinen.lcs.mit.edu (khavrinen.lcs.mit.edu [18.24.4.193]) by hub.freebsd.org (Postfix) with ESMTP id A996737B699; Thu, 18 Jan 2001 08:27:34 -0800 (PST) Received: (from wollman@localhost) by khavrinen.lcs.mit.edu (8.9.3/8.9.3) id LAA00416; Thu, 18 Jan 2001 11:26:57 -0500 (EST) (envelope-from wollman) Date: Thu, 18 Jan 2001 11:26:57 -0500 (EST) From: Garrett Wollman Message-Id: <200101181626.LAA00416@khavrinen.lcs.mit.edu> To: Ruslan Ermilov Cc: freebsd-net@FreeBSD.ORG Subject: Re: manual page review: connect(2) EAGAIN error In-Reply-To: <20010118180333.A89516@sunbay.com> References: <20010118113453.A25127@comp.leeds.ac.uk> <20010118115155.B25127@comp.leeds.ac.uk> <200101181547.KAA29035@khavrinen.lcs.mit.edu> <20010118180333.A89516@sunbay.com> Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org < said: > the ``.Brq Va sysctl.variable'' should be used. Why introduce .Sc? For the same reason as we have .Er in addition to .Dv. -GAWollman To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Jan 18 11:13:36 2001 Delivered-To: freebsd-net@freebsd.org Received: from mailout05.sul.t-online.com (mailout05.sul.t-online.com [194.25.134.82]) by hub.freebsd.org (Postfix) with ESMTP id D1E1E37B402 for ; Thu, 18 Jan 2001 11:13:18 -0800 (PST) Received: from fwd05.sul.t-online.com by mailout05.sul.t-online.com with smtp id 14JKUn-0004IU-00; Thu, 18 Jan 2001 20:13:17 +0100 Received: from ramses.local (320080844193-0001@[217.2.186.18]) by fmrl05.sul.t-online.com with esmtp id 14JKUc-1TYBXsC; Thu, 18 Jan 2001 20:13:06 +0100 Received: from haribeau by ramses.local with local (Exim 3.12 #1 (Debian)) id 14JLS7-0000hs-00 for ; Thu, 18 Jan 2001 21:14:35 +0100 Date: Thu, 18 Jan 2001 21:14:35 +0100 From: Clemens Hermann To: freebsd-net@freebsd.org Subject: Re: Dummynet-ipfw: Invalid Argument - SOLVED Message-ID: <20010118211435.B1599@ramses.local> Mail-Followup-To: Clemens Hermann , freebsd-net@freebsd.org References: <20010118132822.A1040@ramses.local> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20010118132822.A1040@ramses.local> von Clemens Hermann am 18.Jan.2001 um 13:28:22 (+0100) X-Mailer: Mutt 1.2.5i (Linux 2.2.17 i586) X-Sender: 320080844193-0001@t-dialin.net Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Am 18.01.2001 um 13:28:22 schrieb Clemens Hermann: Hi, problem solved, one should not forget make clean before recompiling ;-) /ch To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Jan 18 11:37:30 2001 Delivered-To: freebsd-net@freebsd.org Received: from mailout03.sul.t-online.com (mailout03.sul.t-online.com [194.25.134.81]) by hub.freebsd.org (Postfix) with ESMTP id 0102237B400 for ; Thu, 18 Jan 2001 11:37:12 -0800 (PST) Received: from fwd01.sul.t-online.com by mailout03.sul.t-online.com with smtp id 14JKru-0005ut-09; Thu, 18 Jan 2001 20:37:10 +0100 Received: from ramses.local (320080844193-0001@[217.2.186.18]) by fmrl01.sul.t-online.com with esmtp id 14JKrm-1n0G3MC; Thu, 18 Jan 2001 20:37:02 +0100 Received: from haribeau by ramses.local with local (Exim 3.12 #1 (Debian)) id 14JLpG-0000mK-00 for ; Thu, 18 Jan 2001 21:38:30 +0100 Date: Thu, 18 Jan 2001 21:38:30 +0100 From: Clemens Hermann To: BSD NET-List Subject: dummynet has no effect Message-ID: <20010118213830.A2940@ramses.local> Mail-Followup-To: Clemens Hermann , BSD NET-List Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i X-Mailer: Mutt 1.2.5i (Linux 2.2.17 i586) X-Sender: 320080844193-0001@t-dialin.net Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hi again, I want to limit the bandwith for each IP accessing my computer to 128KBit/s (2*ISDN). So I added the following rules to ipfw: ipfw add pipe 1 ip from any to any ipfw add pipe 2 tcp from any to any ipfw add pipe 3 udp from any to any ipfw add pipe 4 icmp from any to any ipfw pipe 1 config bw 128KBit/s queue 10 ipfw pipe 2 config bw 128KBit/s queue 10 ipfw pipe 3 config bw 128KBit/s queue 10 ipfw pipe 4 config bw 128KBit/s queue 10 if I make "ipfw list" I can see the four pipes. But If I download something to the server I get *much* more bandwith than 128 KBit/s. It is the same as without the pipes. Did I miss anything? Thanks in advance for any hints /ch To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Jan 18 11:42: 0 2001 Delivered-To: freebsd-net@freebsd.org Received: from iguana.aciri.org (iguana.aciri.org [192.150.187.36]) by hub.freebsd.org (Postfix) with ESMTP id DB4BC37B400 for ; Thu, 18 Jan 2001 11:41:43 -0800 (PST) Received: (from rizzo@localhost) by iguana.aciri.org (8.11.1/8.11.1) id f0IJfe466702; Thu, 18 Jan 2001 11:41:40 -0800 (PST) (envelope-from rizzo) From: Luigi Rizzo Message-Id: <200101181941.f0IJfe466702@iguana.aciri.org> Subject: Re: dummynet has no effect In-Reply-To: <20010118213830.A2940@ramses.local> from Clemens Hermann at "Jan 18, 2001 9:38:30 pm" To: haribeau@gmx.de (Clemens Hermann) Date: Thu, 18 Jan 2001 11:41:40 -0800 (PST) Cc: freebsd-net@FreeBSD.ORG X-Mailer: ELM [version 2.4ME+ PL43 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org KB stands for kbytes not bits. "ipfw pipe show" should tell you what is going wrong luigi > > I want to limit the bandwith for each IP accessing my computer to > 128KBit/s (2*ISDN). So I added the following rules to ipfw: > > ipfw add pipe 1 ip from any to any > ipfw add pipe 2 tcp from any to any > ipfw add pipe 3 udp from any to any > ipfw add pipe 4 icmp from any to any > ipfw pipe 1 config bw 128KBit/s queue 10 > ipfw pipe 2 config bw 128KBit/s queue 10 > ipfw pipe 3 config bw 128KBit/s queue 10 > ipfw pipe 4 config bw 128KBit/s queue 10 > > if I make "ipfw list" I can see the four pipes. But If I download > something to the server I get *much* more bandwith than 128 KBit/s. It is > the same as without the pipes. Did I miss anything? > > Thanks in advance for any hints > > /ch > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-net" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Jan 18 11:55:11 2001 Delivered-To: freebsd-net@freebsd.org Received: from mailout01.sul.t-online.com (mailout01.sul.t-online.com [194.25.134.80]) by hub.freebsd.org (Postfix) with ESMTP id 40B1637B400 for ; Thu, 18 Jan 2001 11:54:52 -0800 (PST) Received: from fwd03.sul.t-online.com by mailout01.sul.t-online.com with smtp id 14JL8v-0002ZI-0B; Thu, 18 Jan 2001 20:54:45 +0100 Received: from ramses.local (320080844193-0001@[217.2.186.18]) by fmrl03.sul.t-online.com with esmtp id 14JL8n-09y9wWC; Thu, 18 Jan 2001 20:54:37 +0100 Received: from haribeau by ramses.local with local (Exim 3.12 #1 (Debian)) id 14JM6H-0000qu-00; Thu, 18 Jan 2001 21:56:05 +0100 Date: Thu, 18 Jan 2001 21:56:05 +0100 From: Clemens Hermann To: Luigi Rizzo Cc: freebsd-net@freebsd.org Subject: Re: dummynet has no effect Message-ID: <20010118215605.C2940@ramses.local> Mail-Followup-To: Clemens Hermann , Luigi Rizzo , freebsd-net@freebsd.org References: <20010118213830.A2940@ramses.local> <200101181941.f0IJfe466702@iguana.aciri.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <200101181941.f0IJfe466702@iguana.aciri.org> von Luigi Rizzo am 18.Jan.2001 um 11:41:40 (-0800) X-Mailer: Mutt 1.2.5i (Linux 2.2.17 i586) X-Sender: 320080844193-0001@t-dialin.net Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Am 18.01.2001 um 11:41:40 schrieb Luigi Rizzo: Hi Luigi, thanks again for your help > KB stands for kbytes not bits. "ipfw pipe show" should tell > you what is going wrong it shows the following: 0001: 128.000 kbit/s 0 ms 10 sl. 0 queues (1 buckets) droptail maks: 0x00 0x00000000/0x0000 -> 0x00000000/0x0000 the same for the other three pipes, just with 0002/0003/0004 at the beginning. Seems as if the shown kbit value is correct, but I still get much more bandwith. Any ideas? /ch To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Jan 18 11:58:13 2001 Delivered-To: freebsd-net@freebsd.org Received: from iguana.aciri.org (iguana.aciri.org [192.150.187.36]) by hub.freebsd.org (Postfix) with ESMTP id A9C4137B400 for ; Thu, 18 Jan 2001 11:57:54 -0800 (PST) Received: (from rizzo@localhost) by iguana.aciri.org (8.11.1/8.11.1) id f0IJvpX66837; Thu, 18 Jan 2001 11:57:51 -0800 (PST) (envelope-from rizzo) From: Luigi Rizzo Message-Id: <200101181957.f0IJvpX66837@iguana.aciri.org> Subject: Re: dummynet has no effect In-Reply-To: <20010118215605.C2940@ramses.local> from Clemens Hermann at "Jan 18, 2001 9:56: 5 pm" To: haribeau@gmx.de (Clemens Hermann) Date: Thu, 18 Jan 2001 11:57:51 -0800 (PST) Cc: rizzo@aciri.org, freebsd-net@FreeBSD.ORG X-Mailer: ELM [version 2.4ME+ PL43 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org apparently no traffic is matching the pipe. what does "ipfw show" says ? cheers luigi > > Hi Luigi, > > thanks again for your help > > > KB stands for kbytes not bits. "ipfw pipe show" should tell > > you what is going wrong > > it shows the following: > > 0001: 128.000 kbit/s 0 ms 10 sl. 0 queues (1 buckets) droptail > maks: 0x00 0x00000000/0x0000 -> 0x00000000/0x0000 > > the same for the other three pipes, just with 0002/0003/0004 at the > beginning. > > Seems as if the shown kbit value is correct, but I still get much more > bandwith. > > Any ideas? > > /ch > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-net" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Jan 18 12:16:14 2001 Delivered-To: freebsd-net@freebsd.org Received: from mailout01.sul.t-online.com (mailout01.sul.t-online.com [194.25.134.80]) by hub.freebsd.org (Postfix) with ESMTP id 1077437B69C for ; Thu, 18 Jan 2001 12:15:55 -0800 (PST) Received: from fwd04.sul.t-online.com by mailout01.sul.t-online.com with smtp id 14JLTI-0004Mk-01; Thu, 18 Jan 2001 21:15:48 +0100 Received: from ramses.local (320080844193-0001@[217.2.186.18]) by fmrl04.sul.t-online.com with esmtp id 14JLT8-0KqgueC; Thu, 18 Jan 2001 21:15:38 +0100 Received: from haribeau by ramses.local with local (Exim 3.12 #1 (Debian)) id 14JMQc-0000w0-00; Thu, 18 Jan 2001 22:17:06 +0100 Date: Thu, 18 Jan 2001 22:17:06 +0100 From: Clemens Hermann To: Luigi Rizzo Cc: freebsd-net@freebsd.org Subject: Re: dummynet has no effect Message-ID: <20010118221706.D2940@ramses.local> Mail-Followup-To: Clemens Hermann , Luigi Rizzo , freebsd-net@freebsd.org References: <20010118215605.C2940@ramses.local> <200101181957.f0IJvpX66837@iguana.aciri.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <200101181957.f0IJvpX66837@iguana.aciri.org> von Luigi Rizzo am 18.Jan.2001 um 11:57:51 (-0800) X-Mailer: Mutt 1.2.5i (Linux 2.2.17 i586) X-Sender: 320080844193-0001@t-dialin.net Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Am 18.01.2001 um 11:57:51 schrieb Luigi Rizzo: Hi Luigi, > apparently no traffic is matching the pipe. that's the point. I rearranged the rules - Now it works ;-). Is there a way to limit just *any* traffic so that you have not to specify the protocol (ip/tcp/udp/icmp). I did not find anything like a wildcard protocol assignment in the manpage. thanks /ch To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Jan 18 13:58:15 2001 Delivered-To: freebsd-net@freebsd.org Received: from typhoon.direct-internet.net (unknown [207.245.193.3]) by hub.freebsd.org (Postfix) with ESMTP id 58C1337B401; Thu, 18 Jan 2001 13:57:53 -0800 (PST) Received: from Direct (volcano.direct-internet.net [207.245.193.37]) by typhoon.direct-internet.net (8.11.1/8.11.1) with SMTP id f0IMAwh99655; Thu, 18 Jan 2001 17:10:59 -0500 (EST) (envelope-from info@direct-internet.net) Message-ID: <031601c08199$f5daa3e0$25c1f5cf@directinternet.net> From: "Direct Internet Access--INFO" To: "Jorge Peixoto Vasquez" , Cc: , References: <5077.979084280@coconut.itojun.org> Subject: Re: Messaging Date: Thu, 18 Jan 2001 16:59:39 -0500 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.50.4522.1200 Disposition-Notification-To: "Direct Internet Access--INFO" X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4522.1200 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Unique Messaging Solutions: It's not just about email anymore. Built on advanced messaging technology, we offer Internet messaging infrastructure solutions for corporations and service providers such as ISPs, telcos and portals. Fully scalable, our solutions enable customers to manage the technological complexities associated with messaging and to stay competitive with the latest features, while simultaneously reducing costs and easing IT burdens. Our flexible "Allsource" deployment model enables customers to either outsource, midsource or insource- whatever makes the most sense for each individual business. We're uniquely positioned to develop a strategic upgrade path based on the combination of customer needs and the evolution of messaging technology. Our customers include E-bay, Bell, AT&T, AOL, 3Com, CNET, ICQ, Yahoo, Nokia etc. InScribeT From email to secure file sharing, Internet fax, groupware and message boards. InJoinT Directory, meta-directory and advanced data integration solutions that will help you keep up with today's ebusiness demands. InVokeT Leading-edge solutions that enable wireless messaging for corporations, service providers, and portals. InOneT An integrated messaging and collaboration suite that combines several of Critical Path's most popular services. InScheduleT Web-based calendaring and event management tools. InLineT Web-based solutions for shared resource scheduling, project management and collaboration. InTouchT Our skilled professional services consultants work closely with customers and partners to successfully design and deploy complex messaging infrastructures, including: Initial requirements analysis and integration planning Installation and deployment Project management of the roll-out phase Ongoing support. Please contact Chris Christenson Critical Path Account Executive direct: 480-785-3752 fax: 602-530-3775 email: chrisc@cp.net www.cp.net Critical Path: Forbes' #1 "Best-Managed, Fastest Growing Tech Company In The World" http://www.forbes.com/asap/00/0403/101.htm http://specials.ft.com/ftit/december2000/FT3Q10XXAGC.html To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Jan 18 14: 9:48 2001 Delivered-To: freebsd-net@freebsd.org Received: from gecko.eric.net.au (gecko.eric.net.au [203.102.228.3]) by hub.freebsd.org (Postfix) with ESMTP id 11F3537B401 for ; Thu, 18 Jan 2001 14:09:28 -0800 (PST) Received: (from ghcrompton@localhost) by gecko.eric.net.au (8.9.3/8.8.7) id JAA20394 for freebsd-net@freebsd.org; Fri, 19 Jan 2001 09:12:29 +1100 Date: Fri, 19 Jan 2001 09:12:29 +1100 From: "Geoffrey Crompton (RMIT Guest)" To: freebsd-net@freebsd.org Subject: kernel to userland communication Message-ID: <20010119091229.A20358@gecko.eric.net.au> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 1.0pre3us Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org I'm writing an interface to implement something like the DTI interface from draft-ietf-ngtrans-dstm-03.txt As part of that, I need to have a userland daemon (a modified dhcp client) assign an address to the interface, which is easy using the ioctl mechanism. The tricky bit is finding a way for the interface in the kernel to tell the userland dhcp process that it would now like an address to be assigned to it. (In the draft the interface waits until it has an IPv4 packet to send before it tries to acquire a temporary IPv4 address). I _think_ that in the inria stack they use the routing socket, but I don't understand how they use the routing socket. Any ideas? Thanks, Geoff Crompton To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Jan 18 14:44:35 2001 Delivered-To: freebsd-net@freebsd.org Received: from home.certto.com.br (home.certto.com.br [200.250.15.3]) by hub.freebsd.org (Postfix) with ESMTP id 585DC37B401 for ; Thu, 18 Jan 2001 14:44:16 -0800 (PST) Received: from micro11 (micro2.certto.com.br [200.250.15.11]) by home.certto.com.br (8.11.1/8.11.1) with SMTP id f0IMhqv19248 for ; Thu, 18 Jan 2001 20:43:54 -0200 Message-ID: <007a01c081a0$90f06d00$0b0ffac8@certto.com.br> From: "Luis Fernando Enciso" To: References: <200101180133.f0I1XME59525@iguana.aciri.org> Subject: Re: Bridging-Firewall/bandwith limit problem Date: Thu, 18 Jan 2001 20:46:57 -0200 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.50.4522.1200 X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4522.1200 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > i have just committed some code to RELENG_4 to at least > detect, log and obviate to the stalls. > I'd be grateful if you could give a try to the new code. > > cheers > luigi Hello, (Sorry if my english is not so good...) I have a FreBSD 4.2 RELEASE box which act to brigde/dummynet, and a few days (2 weeks) ago I run CVSup and update the /usr/src/sys source. My problem is just "...the potential panic when bridging is used..." (according to CVSup log). The kernel has panic when bridge/dummynet works. In my supfile, the option "tag" is "RELENG_4_2_RELEASE", and when run cvsup (today, a few minutes ago), don't get any update. I think that this occurs because the "tag" option. My question: If I change the "tag" option to "RELENG_4", my source will stay according RELENG_4_2_RELEASE and updated (ip_dummynet.c and ip_dummynet.h) or will modified to RELENG_4? If the update with cvsup is not a good idea in this case, what I do? or... Any hint? Thanks. --------------------------------------------- Luis Fernando Enciso - lfenciso@certto.com.br System Administrator Certto Internet (http://www.certto.com.br) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Jan 19 2:22:11 2001 Delivered-To: freebsd-net@freebsd.org Received: from csunb0.leeds.ac.uk (csunb0.leeds.ac.uk [129.11.144.2]) by hub.freebsd.org (Postfix) with SMTP id C78A037B400 for ; Fri, 19 Jan 2001 02:21:53 -0800 (PST) Received: from cslin.leeds.ac.uk (csunc0.leeds.ac.uk [129.11.144.3]) by csunb0.leeds.ac.uk (8.6.12/8.6.12) with ESMTP id KAA14549; Fri, 19 Jan 2001 10:19:16 GMT Received: from cslin013.leeds.ac.uk (cslin013 [129.11.146.13]) by cslin.leeds.ac.uk (8.9.3+Sun/) with ESMTP id KAA15674; Fri, 19 Jan 2001 10:19:16 GMT Date: Fri, 19 Jan 2001 10:19:15 +0000 From: Ben Smithurst To: Garrett Wollman Cc: freebsd-net@FreeBSD.ORG Subject: Re: manual page review: connect(2) EAGAIN error Message-ID: <20010119101915.B16961@comp.leeds.ac.uk> References: <20010118113453.A25127@comp.leeds.ac.uk> <200101181543.KAA29005@khavrinen.lcs.mit.edu> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <200101181543.KAA29005@khavrinen.lcs.mit.edu> Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Garrett Wollman wrote: > [EAGAIN] is equivalent to the traditional BSD [EWOULDBLOCK], and might > be used for connects in non-blocking mode. oops, I forgot that this is for non-blocking sockets... +.It Bq Er EAGAIN +A resource was temporarily unavailable when connecting a socket in +non-blocking mode. +This could indicate there are no port numbers available for use when a port +number is being chosen automatically. +Increasing the +.Va net.inet.ip.portrange.last +.Xr sysctl 8 +variable (which defaults to 5000) may help this problem. Any better? -- Ben Smithurst / csxbcs@comp.leeds.ac.uk / ben@FreeBSD.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Jan 19 7:57:58 2001 Delivered-To: freebsd-net@freebsd.org Received: from khavrinen.lcs.mit.edu (khavrinen.lcs.mit.edu [18.24.4.193]) by hub.freebsd.org (Postfix) with ESMTP id 6840D37B6A0 for ; Fri, 19 Jan 2001 07:57:41 -0800 (PST) Received: (from wollman@localhost) by khavrinen.lcs.mit.edu (8.9.3/8.9.3) id KAA10198; Fri, 19 Jan 2001 10:57:39 -0500 (EST) (envelope-from wollman) Date: Fri, 19 Jan 2001 10:57:39 -0500 (EST) From: Garrett Wollman Message-Id: <200101191557.KAA10198@khavrinen.lcs.mit.edu> To: Ben Smithurst Cc: freebsd-net@FreeBSD.ORG Subject: Re: manual page review: connect(2) EAGAIN error In-Reply-To: <20010119101915.B16961@comp.leeds.ac.uk> References: <20010118113453.A25127@comp.leeds.ac.uk> <200101181543.KAA29005@khavrinen.lcs.mit.edu> <20010119101915.B16961@comp.leeds.ac.uk> Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org < said: > +.It Bq Er EAGAIN > +A resource was temporarily unavailable when connecting a socket in > +non-blocking mode. > +This could indicate there are no port numbers available for use when a port > +number is being chosen automatically. > +Increasing the > +.Va net.inet.ip.portrange.last > +.Xr sysctl 8 > +variable (which defaults to 5000) may help this problem. > Any better? No -- if the code actually implements that, it's wrong. -GAWollman To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Jan 19 8:25:29 2001 Delivered-To: freebsd-net@freebsd.org Received: from homer.softweyr.com (bsdconspiracy.net [208.187.122.220]) by hub.freebsd.org (Postfix) with ESMTP id D790037B404 for ; Fri, 19 Jan 2001 08:25:11 -0800 (PST) Received: from [127.0.0.1] (helo=softweyr.com ident=Fools trust ident!) by homer.softweyr.com with esmtp (Exim 3.16 #1) id 14JeSU-0000BT-00; Fri, 19 Jan 2001 09:32:14 -0700 Message-ID: <3A686C0E.D48EC7E9@softweyr.com> Date: Fri, 19 Jan 2001 09:32:14 -0700 From: Wes Peters Organization: Softweyr LLC X-Mailer: Mozilla 4.75 [en] (X11; U; Linux 2.2.12 i386) X-Accept-Language: en MIME-Version: 1.0 To: Garrett Wollman Cc: Ben Smithurst , freebsd-net@FreeBSD.ORG Subject: Re: manual page review: connect(2) EAGAIN error References: <20010118113453.A25127@comp.leeds.ac.uk> <200101181543.KAA29005@khavrinen.lcs.mit.edu> <20010119101915.B16961@comp.leeds.ac.uk> <200101191557.KAA10198@khavrinen.lcs.mit.edu> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Garrett Wollman wrote: > > < said: > > > +.It Bq Er EAGAIN > > +A resource was temporarily unavailable when connecting a socket in > > +non-blocking mode. > > +This could indicate there are no port numbers available for use when a port > > +number is being chosen automatically. > > +Increasing the > > +.Va net.inet.ip.portrange.last > > +.Xr sysctl 8 > > +variable (which defaults to 5000) may help this problem. > > > Any better? > > No -- if the code actually implements that, it's wrong. If the code implements what? Returning EAGAIN when no ephemeral ports are available? That is all the above really says, and then provides a hint as to how to fix it. The description is a little simplistic, as it misses the lowfirst-lowlast and highfirst-highlast ranges. -- "Where am I, and what am I doing in this handbasket?" Wes Peters Softweyr LLC wes@softweyr.com http://softweyr.com/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Jan 19 9:36:56 2001 Delivered-To: freebsd-net@freebsd.org Received: from khavrinen.lcs.mit.edu (khavrinen.lcs.mit.edu [18.24.4.193]) by hub.freebsd.org (Postfix) with ESMTP id 69AA037B400 for ; Fri, 19 Jan 2001 09:36:38 -0800 (PST) Received: (from wollman@localhost) by khavrinen.lcs.mit.edu (8.9.3/8.9.3) id MAA10929; Fri, 19 Jan 2001 12:36:27 -0500 (EST) (envelope-from wollman) Date: Fri, 19 Jan 2001 12:36:27 -0500 (EST) From: Garrett Wollman Message-Id: <200101191736.MAA10929@khavrinen.lcs.mit.edu> To: Wes Peters Cc: freebsd-net@FreeBSD.ORG Subject: Re: manual page review: connect(2) EAGAIN error In-Reply-To: <3A686C0E.D48EC7E9@softweyr.com> References: <20010118113453.A25127@comp.leeds.ac.uk> <200101181543.KAA29005@khavrinen.lcs.mit.edu> <20010119101915.B16961@comp.leeds.ac.uk> <200101191557.KAA10198@khavrinen.lcs.mit.edu> <3A686C0E.D48EC7E9@softweyr.com> Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org < said: > If the code implements what? Returning EAGAIN when no ephemeral ports are > available? That is all the above really says, and then provides a hint > as to how to fix it. The description is a little simplistic, as it misses > the lowfirst-lowlast and highfirst-highlast ranges. If no ports are available, the correct (Standard) error is [EADDRNOTAVAIL], regardless of whether the socket is in blocking or non-blocking mode. -GAWollman To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Jan 19 11:42:40 2001 Delivered-To: freebsd-net@freebsd.org Received: from motgate2.mot.com (motgate2.mot.com [136.182.1.10]) by hub.freebsd.org (Postfix) with ESMTP id 8865A37B401 for ; Fri, 19 Jan 2001 11:42:22 -0800 (PST) Received: [from mothost.mot.com (mothost.mot.com [129.188.137.101]) by motgate2.mot.com (motgate2 2.1) with ESMTP id MAA02285 for ; Fri, 19 Jan 2001 12:41:55 -0700 (MST)] Received: [from m-il06-r1.mot.com (m-il06-r1.mot.com [129.188.137.193]) by mothost.mot.com (MOT-mothost 2.0) with ESMTP id MAA01374 for ; Fri, 19 Jan 2001 12:41:54 -0700 (MST)] Received: from pobox.cstl.labs.mot.com by m-il06-r1.mot.com with ESMTP for freebsd-net@FreeBSD.ORG; Fri, 19 Jan 2001 12:41:52 -0700 Received: from labs.mot.com ([173.23.93.6]) by pobox.cstl.labs.mot.com (Netscape Messaging Server 4.15) with ESMTP id G7FDDS00.8KU for ; Fri, 19 Jan 2001 13:41:52 -0600 Message-Id: <3A68987F.A8D51A80@labs.mot.com> Date: Fri, 19 Jan 2001 13:41:51 -0600 From: Joseph E Eggleston Reply-To: "Joe.Eggleston" Organization: Motorola Labs X-Mailer: Mozilla 4.75 [en] (X11; U; Linux 2.2.16-1dac i686) X-Accept-Language: en MIME-Version: 1.0 To: freebsd-net@FreeBSD.ORG Subject: ipv6 rc.conf Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hi all, I want to have a host use ipv6 to autoconfigure its interface, but then add a couple ipv6 alias addresses to the same interface. The end goal is to configure the interface with its autoconf address and some statically assigned addresses. Is it possible to do this using rc.conf settings? I tried adding lines like: ipv6_ifconfig_xl0="3ffe:b00:4025::a prefixlen 64" ... But only the last such line gets used and this also turns off autoconf. Is there a correct way to do this? thanks, Joe To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Jan 19 16:38:43 2001 Delivered-To: freebsd-net@freebsd.org Received: from bazooka.unixfreak.org (bazooka.unixfreak.org [63.198.170.138]) by hub.freebsd.org (Postfix) with ESMTP id 97B6537B401 for ; Fri, 19 Jan 2001 16:38:25 -0800 (PST) Received: by bazooka.unixfreak.org (Postfix, from userid 1000) id 5FD213E02; Fri, 19 Jan 2001 16:38:25 -0800 (PST) Received: from unixfreak.org (localhost [127.0.0.1]) by bazooka.unixfreak.org (Postfix) with ESMTP id 5E3E43C10A; Fri, 19 Jan 2001 16:38:25 -0800 (PST) To: Garrett Wollman Cc: Wes Peters , freebsd-net@FreeBSD.ORG Subject: Re: manual page review: connect(2) EAGAIN error In-Reply-To: Message from Garrett Wollman of "Fri, 19 Jan 2001 12:36:27 EST." <200101191736.MAA10929@khavrinen.lcs.mit.edu> Date: Fri, 19 Jan 2001 16:38:20 -0800 From: Dima Dorfman Message-Id: <20010120003825.5FD213E02@bazooka.unixfreak.org> Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > < said: > > > If the code implements what? Returning EAGAIN when no ephemeral ports are > > available? That is all the above really says, and then provides a hint > > as to how to fix it. The description is a little simplistic, as it misses > > the lowfirst-lowlast and highfirst-highlast ranges. > > If no ports are available, the correct (Standard) error is > [EADDRNOTAVAIL], regardless of whether the socket is in blocking or > non-blocking mode. The code does indeed seem to implement this. The patch below is a possible remedy. I only tested some very simple cases, but it does seem to work. Also, judging from the comments above the changed lines (not in the diff), it looks like this is the right place. As far as I can tell, function changed, in_pcbbind, is called on blocking and non-blocking sockets alike. My tests also show that EAGAIN was being returned on blocking sockets when all ports were in use (just wanted to clear that up; the patch seems to just use non-blocking sockets as an example, anyway). Dima Dorfman dima@unixfreak.org Index: in_pcb.c =================================================================== RCS file: /st/src/FreeBSD/src/sys/netinet/in_pcb.c,v retrieving revision 1.71 diff -u -r1.71 in_pcb.c --- in_pcb.c 2000/12/27 03:02:29 1.71 +++ in_pcb.c 2001/01/20 00:31:27 @@ -313,7 +313,7 @@ * occurred above. */ inp->inp_laddr.s_addr = INADDR_ANY; - return (EAGAIN); + return (EADDRNOTAVAIL); } --*lastport; if (*lastport > first || *lastport < last) @@ -334,7 +334,7 @@ * occurred above. */ inp->inp_laddr.s_addr = INADDR_ANY; - return (EAGAIN); + return (EADDRNOTAVAIL); } ++*lastport; if (*lastport < first || *lastport > last) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Sat Jan 20 7: 2:56 2001 Delivered-To: freebsd-net@freebsd.org Received: from peace.mahoroba.org (peace.calm.imasy.or.jp [202.227.26.34]) by hub.freebsd.org (Postfix) with ESMTP id 365A137B401 for ; Sat, 20 Jan 2001 07:02:36 -0800 (PST) Received: from localhost (IDENT:TuC/0jtAWwgUvNtmk1VhFs1SAZMbBFUjfS81GeFuki3/1ApIOGe41wzciQSgQhGA@localhost [::1]) (authenticated) by peace.mahoroba.org (8.11.2/8.11.2/peace) with ESMTP/inet6 id f0KF1ba86518; Sun, 21 Jan 2001 00:01:40 +0900 (JST) (envelope-from ume@FreeBSD.org) Date: Sun, 21 Jan 2001 00:01:36 +0900 (JST) Message-Id: <20010121.000136.71177116.ume@FreeBSD.org> To: Joe_Eggleston-CJE136@email.mot.com Cc: freebsd-net@FreeBSD.ORG Subject: Re: ipv6 rc.conf From: Hajimu UMEMOTO In-Reply-To: <3A68987F.A8D51A80@labs.mot.com> References: <3A68987F.A8D51A80@labs.mot.com> X-Mailer: xcite1.38> Mew version 1.95b97 on Emacs 20.7 / Mule 4.0 =?iso-2022-jp?B?KBskQjJWMWMbKEIp?= X-PGP-Public-Key: http://www.imasy.org/~ume/publickey.asc X-PGP-Fingerprint: 6B 0C 53 FC 5D D0 37 91 05 D0 B3 EF 36 9B 6A BC X-URL: http://www.imasy.org/~ume/ X-OS: FreeBSD 5.0-CURRENT Mime-Version: 1.0 Content-Type: Text/Plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hi, >>>>> On Fri, 19 Jan 2001 13:41:51 -0600 >>>>> Joseph E Eggleston said: Joseph> I want to have a host use ipv6 to autoconfigure its interface, but then Joseph> add a couple ipv6 alias addresses to the same interface. The end goal is Joseph> to configure the interface with its autoconf address and some statically Joseph> assigned addresses. Joseph> Is it possible to do this using rc.conf settings? No. Joseph> I tried adding lines like: Joseph> ipv6_ifconfig_xl0="3ffe:b00:4025::a prefixlen 64" Joseph> ... Joseph> But only the last such line gets used and this also turns off autoconf. Joseph> Is there a correct way to do this? It is expected behavior. Mixing automatic configuration and static configuration may cause conflict, and cannot estimate the influence. So, current rc.network6 has been made these exclusive for safety. However, if you DO want to use automatic and static on same interface, you still may be able to use ifconfig_xxx with inet6 flag in that argument instead of ipv6_ifconfig_xxx. But, I don't recommend. -- Hajimu UMEMOTO @ Internet Mutual Aid Society Yokohama, Japan ume@mahoroba.org ume@bisd.hitachi.co.jp ume@{,jp.}FreeBSD.org http://www.imasy.org/~ume/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Sat Jan 20 10:36:28 2001 Delivered-To: freebsd-net@freebsd.org Received: from ns2.its-sby.edu (mail.its-sby.edu [203.130.251.19]) by hub.freebsd.org (Postfix) with ESMTP id C0AB837B402 for ; Sat, 20 Jan 2001 10:30:08 -0800 (PST) Received: from localhost (roy@localhost) by ns2.its-sby.edu (8.9.3/8.9.3) with ESMTP id LAA72037; Tue, 16 Jan 2001 11:19:24 +0700 (JAVT) (envelope-from roy@its-sby.edu) Date: Tue, 16 Jan 2001 11:19:24 +0700 (JAVT) From: "Royyana M. Ijtihadie" To: Clemens Hermann Cc: BSD NET-List Subject: Re: bandwith limitation In-Reply-To: <20010115222805.A1276@ramses.local> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org would you like to explain this ? i'm very interesting of that.. Wassalam... Royyana M. Ijtihadie ---------------------------------------------------------------------------------------------------------------------- :) 1+1 = 4/2 On Mon, 15 Jan 2001, Clemens Hermann wrote: > Hi together, > > for quite a while I have been looking around for a way to limit the bandwith > for each IP that accesses my server. I want to slow down any connektion > to 128 KBit/s. > The only thing I found was Dummynet in combination with ipfw. I am using > ipf as firewall an for IP-accounting. It does a very good job and I > really do not want to miss it. Is there any way besides dummynet to get > bandwith limitation to run on my FreeBSD 4.2 box? > > thanks a lot > > /clemens > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-net" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Sat Jan 20 13:20:33 2001 Delivered-To: freebsd-net@freebsd.org Received: from csunb0.leeds.ac.uk (csunb0.leeds.ac.uk [129.11.144.2]) by hub.freebsd.org (Postfix) with SMTP id 054EC37B402 for ; Sat, 20 Jan 2001 13:20:16 -0800 (PST) Received: from cslin.leeds.ac.uk (csunc0.leeds.ac.uk [129.11.144.3]) by csunb0.leeds.ac.uk (8.6.12/8.6.12) with ESMTP id VAA15483; Sat, 20 Jan 2001 21:07:11 GMT Received: from cslin-gps.comp (cslin-gps [129.11.144.9]) by cslin.leeds.ac.uk (8.9.3+Sun/) with ESMTP id VAA05058; Sat, 20 Jan 2001 21:07:12 GMT Date: Sat, 20 Jan 2001 21:07:11 +0000 From: Ben Smithurst To: Garrett Wollman Cc: freebsd-net@FreeBSD.ORG Subject: Re: manual page review: connect(2) EAGAIN error Message-ID: <20010120210711.B30733@comp.leeds.ac.uk> References: <20010118113453.A25127@comp.leeds.ac.uk> <200101181543.KAA29005@khavrinen.lcs.mit.edu> <20010119101915.B16961@comp.leeds.ac.uk> <200101191557.KAA10198@khavrinen.lcs.mit.edu> <20010120210514.A30733@comp.leeds.ac.uk> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20010120210514.A30733@comp.leeds.ac.uk> Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > if (count-- < 0) { /* completely used? */ > /* > * Undo any address bind that may have > * occurred above. > */ > inp->inp_laddr.s_addr = INADDR_ANY; > return (EAGAIN); > } > > ... > > What *should* it return? oops, looks like you already answered that (EADDRNOTAVAIL) in your last message. sorry. If you fix the code to return EADDRNOTAVAIL then the PR can be closed as it will no longer apply. -- Ben Smithurst / csxbcs@comp.leeds.ac.uk / ben@FreeBSD.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Sat Jan 20 13:20:41 2001 Delivered-To: freebsd-net@freebsd.org Received: from csunb0.leeds.ac.uk (csunb0.leeds.ac.uk [129.11.144.2]) by hub.freebsd.org (Postfix) with SMTP id AFF0737B699 for ; Sat, 20 Jan 2001 13:20:17 -0800 (PST) Received: from cslin.leeds.ac.uk (csunc0.leeds.ac.uk [129.11.144.3]) by csunb0.leeds.ac.uk (8.6.12/8.6.12) with ESMTP id VAA15465; Sat, 20 Jan 2001 21:05:14 GMT Received: from cslin-gps.comp (cslin-gps [129.11.144.9]) by cslin.leeds.ac.uk (8.9.3+Sun/) with ESMTP id VAA05009; Sat, 20 Jan 2001 21:05:15 GMT Date: Sat, 20 Jan 2001 21:05:15 +0000 From: Ben Smithurst To: Garrett Wollman Cc: freebsd-net@FreeBSD.ORG Subject: Re: manual page review: connect(2) EAGAIN error Message-ID: <20010120210514.A30733@comp.leeds.ac.uk> References: <20010118113453.A25127@comp.leeds.ac.uk> <200101181543.KAA29005@khavrinen.lcs.mit.edu> <20010119101915.B16961@comp.leeds.ac.uk> <200101191557.KAA10198@khavrinen.lcs.mit.edu> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <200101191557.KAA10198@khavrinen.lcs.mit.edu> Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Garrett Wollman wrote: > < said: > >> +.It Bq Er EAGAIN >> +A resource was temporarily unavailable when connecting a socket in >> +non-blocking mode. >> +This could indicate there are no port numbers available for use when a port >> +number is being chosen automatically. >> +Increasing the >> +.Va net.inet.ip.portrange.last >> +.Xr sysctl 8 >> +variable (which defaults to 5000) may help this problem. > >> Any better? > > No -- if the code actually implements that, it's wrong. Fix the damn code then, I'm just a docs committer (in theory). And the code certainly does seem to do this, check in_pcb.c: if (first > last) { /* * counting down */ count = first - last; do { if (count-- < 0) { /* completely used? */ /* * Undo any address bind that may have * occurred above. */ inp->inp_laddr.s_addr = INADDR_ANY; return (EAGAIN); } ... What *should* it return? -- Ben Smithurst / csxbcs@comp.leeds.ac.uk / ben@FreeBSD.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Sat Jan 20 15:47:58 2001 Delivered-To: freebsd-net@freebsd.org Received: from bazooka.unixfreak.org (bazooka.unixfreak.org [63.198.170.138]) by hub.freebsd.org (Postfix) with ESMTP id A04CC37B400 for ; Sat, 20 Jan 2001 15:47:41 -0800 (PST) Received: by bazooka.unixfreak.org (Postfix, from userid 1000) id E74B53E02; Sat, 20 Jan 2001 15:47:40 -0800 (PST) Received: from unixfreak.org (localhost [127.0.0.1]) by bazooka.unixfreak.org (Postfix) with ESMTP id E0B013C10A; Sat, 20 Jan 2001 15:47:40 -0800 (PST) To: Ben Smithurst Cc: Garrett Wollman , freebsd-net@FreeBSD.ORG Subject: Re: manual page review: connect(2) EAGAIN error In-Reply-To: Message from Ben Smithurst of "Sat, 20 Jan 2001 21:07:11 GMT." <20010120210711.B30733@comp.leeds.ac.uk> Date: Sat, 20 Jan 2001 15:47:35 -0800 From: Dima Dorfman Message-Id: <20010120234740.E74B53E02@bazooka.unixfreak.org> Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > oops, looks like you already answered that (EADDRNOTAVAIL) in your last > message. sorry. If you fix the code to return EADDRNOTAVAIL then the PR > can be closed as it will no longer apply. I sent a patch to fix this in a response to this thread, but it seems noone noticed. You can find the e-mail here: http://docs.FreeBSD.org/cgi/getmsg.cgi?fetch=220467+0+current/freebsd-net Dima Dorfman dima@unixfreak.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Sat Jan 20 17: 1:59 2001 Delivered-To: freebsd-net@freebsd.org Received: from paprika.michvhf.com (adsl-pool25-172.detroit.mi.ameritech.net [64.108.58.172]) by hub.freebsd.org (Postfix) with SMTP id ACF0A37B404 for ; Sat, 20 Jan 2001 17:01:42 -0800 (PST) Received: (qmail 46818 invoked by uid 1001); 21 Jan 2001 01:01:44 -0000 Date: Sat, 20 Jan 2001 20:01:44 -0500 (EST) From: Vince Vielhaber To: Subject: icmp-response bandwidth limit? Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Today I'm suddenly getting these messages: Jan 20 18:44:48 chives /kernel: icmp-response bandwidth limit 230/200 pps Is someone trying to pingflood me or something? Vince. -- ========================================================================== Vince Vielhaber -- KA8CSH email: vev@michvhf.com http://www.pop4.net 128K ISDN from $22.00/mo - 56K Dialup from $16.00/mo at Pop4 Networking Online Campground Directory http://www.camping-usa.com Online Giftshop Superstore http://www.cloudninegifts.com ========================================================================== To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Sat Jan 20 17: 7:54 2001 Delivered-To: freebsd-net@freebsd.org Received: from silby.com (cb34181-c.mdsn1.wi.home.com [24.183.3.139]) by hub.freebsd.org (Postfix) with ESMTP id 976C437B698 for ; Sat, 20 Jan 2001 17:07:26 -0800 (PST) Received: (qmail 16569 invoked by uid 1000); 21 Jan 2001 01:07:25 -0000 Received: from localhost (sendmail-bs@127.0.0.1) by localhost with SMTP; 21 Jan 2001 01:07:25 -0000 Date: Sat, 20 Jan 2001 19:07:25 -0600 (CST) From: Mike Silbersack To: Vince Vielhaber Cc: Subject: Re: icmp-response bandwidth limit? In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Sat, 20 Jan 2001, Vince Vielhaber wrote: > Today I'm suddenly getting these messages: > > Jan 20 18:44:48 chives /kernel: icmp-response bandwidth limit 230/200 pps > > Is someone trying to pingflood me or something? > > Vince. They're either doing something that causes RSTs or icmp unreachables to be emitted, not ping flooding you. In all likelihood, it's just a portscan, and nothing to be worried about. Generally, attack tools will exceed the limit by a great deal, portscanning tools will adapt and stay close to the limited rate. There should be no need to worry, though your curiosity may drive you to use a packet sniffer next time it happens. Mike "Silby" Silbersack To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Sat Jan 20 17:18:46 2001 Delivered-To: freebsd-net@freebsd.org Received: from bazooka.unixfreak.org (bazooka.unixfreak.org [63.198.170.138]) by hub.freebsd.org (Postfix) with ESMTP id 2B5D537B400 for ; Sat, 20 Jan 2001 17:18:28 -0800 (PST) Received: by bazooka.unixfreak.org (Postfix, from userid 1000) id E2CCE3E02; Sat, 20 Jan 2001 17:18:27 -0800 (PST) Received: from unixfreak.org (localhost [127.0.0.1]) by bazooka.unixfreak.org (Postfix) with ESMTP id DC5623C10A; Sat, 20 Jan 2001 17:18:27 -0800 (PST) To: Vince Vielhaber Cc: freebsd-net@freebsd.org Subject: Re: icmp-response bandwidth limit? In-Reply-To: Message from Vince Vielhaber of "Sat, 20 Jan 2001 20:01:44 EST." Date: Sat, 20 Jan 2001 17:18:22 -0800 From: Dima Dorfman Message-Id: <20010121011827.E2CCE3E02@bazooka.unixfreak.org> Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > > Today I'm suddenly getting these messages: > > Jan 20 18:44:48 chives /kernel: icmp-response bandwidth limit 230/200 pps > > Is someone trying to pingflood me or something? Somebody already gave you the gist of it, but in case you're curious there's an FAQ entry about this describing it in a little more detail: http://www.freebsd.org/FAQ/networking.html#ICMP-RESPONSE-BW-LIMIT Dima Dorfman dima@unixfreak.org P.S. -net is for technical discussions of network code, not general questions. Next time, please send this kind of e-mail to -questions instead. Thanks. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Sat Jan 20 20: 4:20 2001 Delivered-To: freebsd-net@freebsd.org Received: from homer.softweyr.com (bsdconspiracy.net [208.187.122.220]) by hub.freebsd.org (Postfix) with ESMTP id 8649237B401 for ; Sat, 20 Jan 2001 20:03:47 -0800 (PST) Received: from [127.0.0.1] (helo=softweyr.com ident=Fools trust ident!) by homer.softweyr.com with esmtp (Exim 3.16 #1) id 14KBq8-0000UJ-00; Sat, 20 Jan 2001 21:10:52 -0700 Message-ID: <3A6A614C.3004DD43@softweyr.com> Date: Sat, 20 Jan 2001 21:10:52 -0700 From: Wes Peters Organization: Softweyr LLC X-Mailer: Mozilla 4.75 [en] (X11; U; Linux 2.2.12 i386) X-Accept-Language: en MIME-Version: 1.0 To: Dima Dorfman Cc: Ben Smithurst , Garrett Wollman , freebsd-net@FreeBSD.ORG Subject: Re: manual page review: connect(2) EAGAIN error References: <20010120234740.E74B53E02@bazooka.unixfreak.org> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Dima Dorfman wrote: > > > oops, looks like you already answered that (EADDRNOTAVAIL) in your last > > message. sorry. If you fix the code to return EADDRNOTAVAIL then the PR > > can be closed as it will no longer apply. > > I sent a patch to fix this in a response to this thread, but it seems > noone noticed. You can find the e-mail here: If I don't hear any objections, I'll commit this (and fix the man page). For your review simplicity, the patch is: Index: in_pcb.c =================================================================== RCS file: /st/src/FreeBSD/src/sys/netinet/in_pcb.c,v retrieving revision 1.71 diff -u -r1.71 in_pcb.c --- in_pcb.c 2000/12/27 03:02:29 1.71 +++ in_pcb.c 2001/01/20 00:31:27 @@ -313,7 +313,7 @@ * occurred above. */ inp->inp_laddr.s_addr = INADDR_ANY; - return (EAGAIN); + return (EADDRNOTAVAIL); } --*lastport; if (*lastport > first || *lastport < last) @@ -334,7 +334,7 @@ * occurred above. */ inp->inp_laddr.s_addr = INADDR_ANY; - return (EAGAIN); + return (EADDRNOTAVAIL); } ++*lastport; if (*lastport < first || *lastport > last) -- "Where am I, and what am I doing in this handbasket?" Wes Peters Softweyr LLC wes@softweyr.com http://softweyr.com/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Sat Jan 20 20:14:57 2001 Delivered-To: freebsd-net@freebsd.org Received: from mail.rdc1.nj.home.com (ha1.rdc1.nj.home.com [24.3.128.66]) by hub.freebsd.org (Postfix) with ESMTP id F051937B401 for ; Sat, 20 Jan 2001 20:14:38 -0800 (PST) Received: from home.com ([24.228.40.16]) by mail.rdc1.nj.home.com (InterMail vM.4.01.03.00 201-229-121) with ESMTP id <20010121041438.VHAV14368.mail.rdc1.nj.home.com@home.com> for ; Sat, 20 Jan 2001 20:14:38 -0800 Message-ID: <3A6A6239.412A2ED0@home.com> Date: Sat, 20 Jan 2001 23:14:49 -0500 From: seek3r2k X-Mailer: Mozilla 4.74 [en] (Win98; U) X-Accept-Language: en MIME-Version: 1.0 To: freebsd-net@freebsd.org Subject: IP Aliasing Problems HELP! Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hello, I have aliased my single NIC with the IP address 192.168.1.1/24, so that i can port out a cable modem connection to my win machine, thus two machines on a subnet. This is what my rc.conf looks like host="host name" IPFILTER="YES" IPNAT="YES gateway_enable="YES" ifconfig fxp0="DHCP" ifconfig fxp0 inet 192.168.1.1 netmask 255.255.255.0 alias defaultrouter="" I have enabled IP Forwarding in the rc.local file. This is what i have in my IPNAT.CONF file: map fxp0 192.168.1.0/24 port 80 -> /32 port 80 tcp/udp 10000:60000 map fxp0 192.168.1.0/24 port 80 -> /32 port 80 rdr fxp0 "" port 80 -> 192.168.1.10/32 port 80 Now, when i run ipnat, i get a message: syntax error in "rdr". i have tried many times to edit it and still get the same error. If i try to echo the file on command line, i get the same message, and that it doesnt recognize "rdr" as a keyword. Why is that? Finally, after all this, i still can not get online with my internal machine, the windows machine on the subnet. I can ping the internal gateway address (192.168.1.10) and the external IP address from the windows machine, but i cant ping anything outside the network. what am I doing wrong? I compiled the kernel with IPFILTER on. Please help. Thanks! To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message